[SC-L] IR/Application Security
In this episode Karl Sigler sit's down with Grayson Lenik, a forensic expert for Trustwave SpiderLabs. We talk about Point-of-Sale malware, including common web application security attack vectors as well as remediation steps to help protect businesses using POS systems. http://blog.spiderlabs.com/2014/01/spiderlabs-radio-january-23-2014.html Enjoy! ___ Secure Coding mailing list (SC-L) SC-L@securecoding.org List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l List charter available at - http://www.securecoding.org/list/charter.php SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com) as a free, non-commercial service to the software security community. Follow KRvW Associates on Twitter at: http://twitter.com/KRvW_Associates ___
[SC-L] OWASP Summit / Elections
The next global summit for OWASP Foundation Inc (www.owasp.org) will be held on November 11th 2009 (Veterans Day in the USA) in Washington, DC., USA As is customary at our summits we will govern by rough consensus and collaborate face to face town hall style for our professional associations direction. http://www.owasp.org/index.php/Summit_2009 Just one of the many shaping activities that will take place will be, the first democratic ELECTION of a OWASP Board Member by the membership. Eligible individuals have already volunteered time, served as a project leader and or chapter leader and have have demonstrated global leadership acumen as a current and active member of a Global Committee. You will hear from each of these candidates during the town hall session of why they are the best person for the role. If you have never attended a OWASP Summit (such as Portugal 2008 http://www.owasp.org/index.php/OWASP_EU_Summit_2008 ) you will not want to miss this event - when you get passion filled OWASP people together we come together as a community to set the direction for the next 6,12,24 months and we need you to get involved to continue our mission. Semper Fi, Tom Brennan OWASP Foundation 973.506.9303 About OWASP - http://www.owasp.org/index.php/About_OWASP - 2009 OWASP Summit http://www.owasp.org/index.php/Summit_2009 ___ Secure Coding mailing list (SC-L) SC-L@securecoding.org List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l List charter available at - http://www.securecoding.org/list/charter.php SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com) as a free, non-commercial service to the software security community. ___
Re: [SC-L] SANS Institute - CWE/SANS TOP 25 Most Dangerous ProgrammingErrors
CVE - http://cve.mitre.org/ known problems known systems CWE - http://cwe.mitre.org/ classes of problems unknown systems http://cwe.mitre.org/top25/ Will business start to talk CWE as they already talk CVE? Discussion/Debate/Thoughts Tom Brennan -Original Message- From: sc-l-boun...@securecoding.org [mailto:sc-l-boun...@securecoding.org] On Behalf Of Kenneth Van Wyk Sent: Monday, January 12, 2009 2:30 PM To: Secure Coding Subject: [SC-L] SANS Institute - CWE/SANS TOP 25 Most Dangerous ProgrammingErrors FYI, a top 25 programming errors list from the folks at SANS has been released. See the following for details: http://www.sans.org/top25errors/ Cheers, Ken - Kenneth R. van Wyk KRvW Associates, LLC http://www.KRvW.com ___ Secure Coding mailing list (SC-L) SC-L@securecoding.org List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l List charter available at - http://www.securecoding.org/list/charter.php SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com) as a free, non-commercial service to the software security community. ___