Mightyseek - dev21.mightyseek.com - Man Vs WebApp
Latest News:
An Information Security Place Podcast – 8-20-13 21 Aug 2013 | 11:35 am
The podcasting returns! This is the first new episode of InfoSec Place and in a few days will be the return of my web security podcast here on Man Vs Webapp (formerly Mightyseek). Show Notes: InfoSe...
Hacking Fantasy – Hackers Only Fantasy Football League 20 Aug 2013 | 06:05 am
This November I will be presenting at AppSec USA, Revenge of the Geeks: Hacking Fantasy Football Sports Sites. While I enjoy hacking fantasy football apps, I also enjoy playing the game. So this year, ...
OWASP Top 10 List Maturing – Evidenced by Minor Changes 21 Jun 2013 | 07:51 pm
The OWASP Top 10 list is well known as the industry standard for what matters in web security. The list, which ranks the most critical risks organizations face through their web applications, was rece...
Build security earlier into the SDLC with NT OBJECTives & Coverity 25 Apr 2013 | 10:47 pm
NTO & Coverity launch interactive application security (IAST) Are your developers effectively testing for and fixing security vulnerabilities early in the software development lifecycle (SDLC)? Coveri...
NT OBJECTives and Coverity release integrated SAST and DAST 16 Apr 2013 | 09:02 am
We are happy to announce our partnership with Coverity and the general availability of the first Interactive Application Security Testing (IAST) solution to be built on a “developer-ready” platform. With...
Chinese Corporate Cyber Espionage by Christopher R. Lew Ph.D 10 Apr 2013 | 09:53 pm
I attend some of the talks at security conferences for technical interest, others for political interest. This one, at 2013 B-Sides San Francisco, was the latter and Mr. Christopher R. Lew, author of s...
How predominant is Cross site request forgery (CSRF)? 2 Apr 2013 | 01:12 am
Continuing my series on the talks I attended at 2013 Security B-Sides, this one from Dan Hubbard (CTO OpenDNS) and Frank Denis (@thinkumbrella) called, “Building a Security Graph” demonstrated some cl...
Why are we still vulnerable to side-channel attacks? (and why should I care?) 20 Mar 2013 | 04:54 pm
2013 B-Sides San Francisco Talk Summary Series: This was a great talk given by Jasper Van Woudenberg, from Riscure. Whenever I attend these talks, I always include a couple that are pure indulgence to ...
Secure SSL, “Tales of Transport Layer Security at Twitter” from 2013 B-Sides San Francisco 19 Mar 2013 | 07:12 pm
SSL++; Tales of Transport Layer Security at Twitter: I am happy to have attended this talk, at 2013 B-Sides San Francisco, by @jimio, a Twitter employee, on SSL security and how to create a secure SSL ...
New Report: SQL Injection vulns are hidden in web services (learn how to find them) 7 Mar 2013 | 12:44 am
In this new report, “The Widening Web Application Security Scanner Coverage Gap in RIA, Mobile and Web Services: Is Your Scanner like the Emperor’s New Clothes?”, Dan Kuykendall and Matthew Cohen of N...