funsec mailing list archives
Re: Eight reasons why website vulnerabilities are not fixed
From: "Hubbard, Dan" <dhubbard () websense com>
Date: Thu, 7 May 2009 09:08:26 -0700
My addition: "Security abstracted from process" You would be surprised how many companies we contact who have been breached who respond with: "we did not know that site existed" "looks like that is hosted on some 3rd party server (damn marketing!) "that is not our site...wait a minute it turns out it is" "port 80 isnt enough security"? -----Original Message----- From: funsec-bounces () linuxbox org [mailto:funsec-bounces () linuxbox org] On Behalf Of Juha-Matti Laurio Sent: Thursday, May 07, 2009 6:44 AM To: funsec () linuxbox org Subject: [funsec] Eight reasons why website vulnerabilities are not fixed Very good points: http://jeremiahgrossman.blogspot.com/2009/05/8-reasons-why-website-vulnerabilities.html Comments are worth of reading too. Juha-Matti _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list. Protected by Websense Hosted Email Security -- www.websense.com _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Eight reasons why website vulnerabilities are not fixed Juha-Matti Laurio (May 07)
- Re: Eight reasons why website vulnerabilities are not fixed Hubbard, Dan (May 07)