Web Application Security

Posted on August 28, 2009 by admin in Main | Leave a comment

Customers often ask the following question: What is the best approach to securing my web applications? Of course, the answer to the question is what our web application security assessments are all about. But if you haven’t yet engaged in that process, this post briefly outlines some ideas that you can institute to have a greater degree of confidence that your web applications are secure. Fundamentally, secure web applications are a result of a secure software development lifecycle. There are … →

Enumerating SSL Ciphers with SSLScan

Posted on August 24, 2009 by Nathan Drier 2 Comments

You’d think that checking your email in a web browser is a simple task. Open up Firefox, plunk in your username and password, and start sending things to the SPAM folder. The truth is, when you load up your web mail in a browser, a flurry of activity takes place behind the scenes. One of the most interesting things that happens is how your web browser interacts with your web mail server (or any SSL-enabled service) to select a encryption … →

Attacking Webmail User Accounts

Posted on August 4, 2009 by Nathan Drier 3 Comments

Webmail is absolutely everywhere. I rarely come across a corporate network that doesn’t have Outlook Web Access, Groupwise, or some other variant of webmail listening. Being able to get at email accounts from the Internet can save employees a lot of time and headache, but using those accounts with weak passwords can result in an even larger headache. Knowing how the majority of the planet uses email (sending some pretty sensitive data) this creates a large risk for most any … →

Monthly Archives: August 2009

Web Application Security

Enumerating SSL Ciphers with SSLScan

Attacking Webmail User Accounts

Search

Admin

Monthly Archives: August 2009

Web Application Security

Enumerating SSL Ciphers with SSLScan

Attacking Webmail User Accounts

Search

Follow Us!

Admin