Podcast 36

OWASP Podcast Series #36

OWASP NEWS May 2009 (part 2) Recorded July 23th, 2009 Published August 15th, 2009

http://www.owasp.org/download/jmanico/itunes.jpg https://www.owasp.org/images/d/d3/Feed-icon-32x32.png mp3

Participants
Host: Jim Manico Participants: Boaz Gelbord, Andre Gironda, Jason Lam, Alex Smolen, Ben Tomhave, Andrew van der Stock, Jeff Williams Copy Editors: Andre Gironda and Boaz Gelbord

Articles

 * 5/15 Does Tokenization Solve Anything? http://www.secureconsulting.net/2009/05/does_tokenization_solve_anythi.html
 * 5/16 Daily Dave and crew talk browser-based client side crypto http://seclists.org/dailydave/2009/q2/0093.html
 * 5/19 It’s No Secret. Measuring the Security and Reliability of Authentication via ‘Secret’ Questions http://research.microsoft.com/pubs/79594/oakland09.pdf
 * 5/19 Some Thoughts on the OWASP Top Ten http://blog.ncircle.com/blogs/vert/archives/2009/05/some_thoughts_on_the_owasp_top.html
 * 5/19 Making Secure Code Easier http://blogs.msdn.com/sdl/archive/2009/05/19/making-secure-code-easier.aspx
 * 5/19 Java deserialization issues http://blog.cr0.org/2009/05/write-once-own-everyone.html
 * 5/20 Parameter Pollution http://www.h-online.com/security/New-type-of-attack-on-web-applications-Parameter-Pollution--/news/113333/from/rss
 * 5/28 Don Ankney LayerOne XSS Presentation http://hackerco.de/2009/05/layerone-presentation-video.html
 * 5/28 Logging in the Age of Web Services http://1raindrop.typepad.com/1_raindrop/2009/05/logging-in-the-age-of-web-services.html