[WEB SECURITY] application attacks

AF newsalaksa at nxtg.net
Mon Jul 17 15:25:31 EDT 2006


Hi there!

I think the mistake is in this sentence: 

> Now, every developer know how to 
> protect their web applications against application attacks such as SQL 
> Injection,XSS, HTTP smuggling, and others. So could someone give me some
>  clear image about that. What's wrong?

The question is "Who's wrong ?"
The answer is : You. : ) 

That's a fact: many web developpers still don't know how to implement security 
principles. Many don't even know security principles exist!

So when it comes to sql injection, xss, splitting, applogic, and so on... well... there's
still a lot of work ahead of us to do. This applies to almost every industry! 

Pentesting, for fun, but also teaching and spreading the information around us, 
as much as we can. That's it. That's what we can (have to?) do.

@ntoine



----------------------------------------------------------------------------
The Web Security Mailing List: 
http://www.webappsec.org/lists/websecurity/

The Web Security Mailing List Archives: 
http://www.webappsec.org/lists/websecurity/archive/
http://www.webappsec.org/rss/websecurity.rss [RSS Feed]



More information about the websecurity mailing list