Mike Andrews » WebSec101 http://www.mikeandrews.com Sat, 03 Oct 2009 15:41:35 +0000 http://wordpress.org/?v=2.9.2 en hourly 1 Websec101 – Episode 4 – Authorization http://www.mikeandrews.com/2009/07/20/websec101-episode-4-authorization/ http://www.mikeandrews.com/2009/07/20/websec101-episode-4-authorization/#comments Mon, 20 Jul 2009 15:34:22 +0000 Mike http://www.mikeandrews.com/2009/07/20/websec101-episode-4-authorization/ The next episode of WebSec101 which covers the topic of authorization has been posted to the Foundstone site.

http://www.foundstone.com/websec101/

Although not talked about as much as SQLi or XSS, authorization is the number one flaw you have to make sure your app is not vulnerable to.  Not a lot of technical discussion in this webcast, but a few ideas on how to test for authorization flaws and things to look for that might be an indication of a weak authorization system.

]]> http://www.mikeandrews.com/2009/07/20/websec101-episode-4-authorization/feed/ 0