Yves Reynhout's Blog
The seagile man
Security
Today was the last day of a three-day course on
Web Application Security
(given at
Business Training
by
Ascure
). I was familiar with most of the content presented (then why did I go? boss' orders). It was a nice overview for developers who are not
security-aware.
Amazingly, "Web Application Security" is still oriented very much towards network security (SSL, HTTP, TCP, IP, Firewall, IDS, ...) and infrastructure (Servers, DMZ, topology). A product I wasn't very much aware of is
Sanctum
's
Appshield
, which allows you to define which HTTP requests go through (it even has a learning mode) based on HTTP headers, HTTP POST or GET parameters and their possible values, and a lot more.
Comments
No Comments
Leave a Comment
Title
(required)
Name
(required)
Your URL
(optional
)
Comments
(required)
Remember Me?
Search
Go
This Blog
Home
About
Tags
.NET
Code generation
Corporate
Mediator
MVVM
NAuthorize
Object/Relational Mapping
Silverlight
SOA
WPF
Navigation
Home
Blogs
Archives
October 2009 (1)
September 2005 (1)
June 2005 (1)
May 2005 (1)
April 2005 (5)
October 2004 (1)
June 2004 (3)
March 2004 (2)
February 2004 (1)
January 2004 (1)
December 2003 (1)
November 2003 (1)
October 2003 (8)
July 2003 (1)
May 2003 (1)
April 2003 (2)
March 2003 (3)
February 2003 (5)
NAuthorize
NAuthorize on forge.novell.com
Sun's XACML implementation
XACML @ OASIS
RBAC @ NIST
Ravi S. Sandhu
RAD by Healthcare DTF @ OMG
Testdriven.net
Syndication
RSS
Atom
Comments RSS