Three Web Application Vulnerabilities You Need to Know

posted on Friday, July 18, 2008 12:52 PM

Via Hacker News and Peteris Kumins' blog on programming, hacking, software reuse and stuff comes the latest Google tech talk, this one on web application vulnerabilities and "how cybercriminals steal money".

While Peteris and Google are targeting web developers with this informative video talk, it's a great resource as well for security folks as well as network administrators tasked with understanding how to thwart web application attacks.

Even if you've deployed a web application firewall to protect you from these kinds of vulnerabilities, it's still a great idea to watch this one and get a better understanding of the attacks.

The three vulnerabilities covered are:

SQL Injection
Cross-Site Request Forgery (XSRF)
Cross-Site Script Inclusion (XSSI)

The video and direct link are included here as well, but check out Peteris' blog for an overview of interesting points in the tech talk.

Direct URL: http://www.youtube.com/watch?v=jc6Q1uCnbMo

Technorati Tags: MacVittie,security,Google,web application firewall,vulnerabilities,SQL injection,XSRF,XSSI,developers

Posted In: Web 2.0, Security, Development and General,

One Comment

Feedback

5/18/2009 4:16 AM
		Recent URLs tagged Vulnerabilities - Urlrecorder
Pingback/TrackBack

Let Me Know What You Think

Please use the form below if you have any comments, questions, or suggestions.

Title:

Name:

Email: (so we can show your gravatar)

Website:

Comment: Allowed tags: blockquote, a, strong, em, p, u, strike, super, sub, code

Remember Me?

Enter the code shown above:

Please add 7 and 2 and type the answer here:

		General SOA
		SOA Delivery
		Randomness
		Web 2.0
		Security
		iRules
		iControl
		Development and General
		Monitoring/Management
		XML
		ISV Solutions
		Microsoft Solutions
		Performance
		Cloud Computing
		Virtualization
		WILS
		Infrastructure 2.0
		F5 Friday
		Data Center Feng Shui
		Dynamic Infrastructure
		Load balancing
		Service Providers
		1024 Words
		v10.2.2
		v11
		JSON
		HTML5
		Mobile
		iApp
		Availability
		Storage
		DDoS
		AppSec
		TradSec
		Marketing Madness

		February, 2012 (6)
		January, 2012 (13)
		December, 2011 (9)
		November, 2011 (12)
		October, 2011 (14)
		September, 2011 (14)
		August, 2011 (16)
		July, 2011 (12)
		June, 2011 (14)
		May, 2011 (12)
		April, 2011 (16)
		March, 2011 (16)
		February, 2011 (12)
		January, 2011 (14)
		December, 2010 (12)
		November, 2010 (14)
		October, 2010 (14)
		September, 2010 (13)
		August, 2010 (13)
		July, 2010 (18)
		June, 2010 (22)
		May, 2010 (22)
		April, 2010 (19)
		March, 2010 (23)
		February, 2010 (20)
		January, 2010 (17)
		December, 2009 (16)
		November, 2009 (20)
		October, 2009 (22)
		September, 2009 (21)
		August, 2009 (25)
		July, 2009 (18)
		June, 2009 (20)
		May, 2009 (20)
		April, 2009 (21)
		March, 2009 (23)
		February, 2009 (17)
		January, 2009 (19)
		December, 2008 (17)
		November, 2008 (18)
		October, 2008 (27)
		September, 2008 (32)
		August, 2008 (31)
		July, 2008 (30)
		June, 2008 (33)
		May, 2008 (30)
		April, 2008 (24)
		March, 2008 (5)
		February, 2008 (4)
		January, 2008 (8)
		December, 2007 (5)
		November, 2007 (6)
		October, 2007 (3)
		September, 2007 (5)
		August, 2007 (7)
		July, 2007 (7)
		June, 2007 (5)
		May, 2007 (11)
		April, 2007 (9)
		March, 2007 (7)
		February, 2007 (10)
		January, 2007 (5)
		December, 2006 (4)
		November, 2006 (8)