The Mike Rothman Security Report

The Mike Rothman Security Report http://www.ebizq.net/blogs/mike_rothman/ ebizQ is proud to bring you Security Incite's Mike Rothman, who podcasts and writes on application security and related topics. en Copyright 2011 Wed, 15 Oct 2008 17:09:56 -0500 http://www.sixapart.com/movabletype/?v=4.21-en http://blogs.law.harvard.edu/tech/rss Understanding Web 2.0 Attacks In this month's Mike Rothman Security Report, Mike flies solo and rants a bit about Web 2.0 attack vectors. Since Web 2.0 is all the rage and you are hearing from folks you haven't spoken to since elementary school, Mike... http://www.ebizq.net/blogs/mike_rothman/2008/10/understanding_web_20_attacks.php http://www.ebizq.net/blogs/mike_rothman/2008/10/understanding_web_20_attacks.php Wed, 15 Oct 2008 17:09:56 -0500 Protecting the Crown Jewels With Database Security -- Rothman Chats With Ted Julian In this month's Mike Rothman Security Report podcast, Mike talks to Ted Julian of Application Security about database security. Given that most attacks are targeting the web applications to gain access to the database, we cover the importance of protecting... http://www.ebizq.net/blogs/mike_rothman/2008/09/protecting_the_crown_jewels_wi.php http://www.ebizq.net/blogs/mike_rothman/2008/09/protecting_the_crown_jewels_wi.php Tue, 09 Sep 2008 14:48:32 -0500 What's So Scary About CSRF? Plenty! Rothman Talks to Nitesh Dhanjani In this month's Mike Rothman Security Report, Mike rolls up his sleeves with Nitesh Dhanjani of Ernst & Young to really dig into and understand the Cross Site Request Forgery (CSRF) attack. Nitesh goes through the mechanics of the attack,... http://www.ebizq.net/blogs/mike_rothman/2008/08/whats_so_scary_about_csrf_plen.php http://www.ebizq.net/blogs/mike_rothman/2008/08/whats_so_scary_about_csrf_plen.php Fri, 15 Aug 2008 14:22:26 -0500 What You Need to Know About Source Code Analysis: Mike Rothman Talks to Brian Chess Learn more about secure coding from SearchSecurity.com *** Editor's Note: Don't miss a single important development in security by getting ebizQ's weekly security newsletter delivered straight into your inbox. Just check Security Update and leave your email right here. In... http://www.ebizq.net/blogs/mike_rothman/2008/06/how_to_select_your_source_code.php http://www.ebizq.net/blogs/mike_rothman/2008/06/how_to_select_your_source_code.php Mon, 30 Jun 2008 10:40:17 -0500 SQL Injection Rears Its Ugly Head Again There is nothing like becoming reacquainted with old friends, especially attack vectors that seem to rise from the dead and create mass hysteria and leave a trail of mayhem in its wake. No, Godzilla has not risen from the depths... http://www.ebizq.net/blogs/mike_rothman/2008/06/sql_injection_rears_its_ugly_h.php http://www.ebizq.net/blogs/mike_rothman/2008/06/sql_injection_rears_its_ugly_h.php Fri, 20 Jun 2008 10:55:26 -0500 Number One Threat to Web Applications: Mike Talks SQL Injection With White Hat Security In this month's Mike Rothman Security Report, Mike and Jeremiah Grossman of White Hat Security take a deep dive into an application attack called SQL*Injection. This scourge is responsible for the mass, automated attacks that have been found compromising hundreds... http://www.ebizq.net/blogs/mike_rothman/2008/06/post_2.php http://www.ebizq.net/blogs/mike_rothman/2008/06/post_2.php Mon, 02 Jun 2008 11:16:02 -0500 Pros and Cons of Big Security: Mike Talks to Alan Shimel Listen to or download the 11:46 minute podcast below: Download file In this month's edition of the Mike Rothman Security Report podcast, Mike interviews blogger extraordinaire Alan Shimel of StillSecure, as they talk about the pro's and con's of security... http://www.ebizq.net/blogs/mike_rothman/2008/05/post_1.php http://www.ebizq.net/blogs/mike_rothman/2008/05/post_1.php Tue, 06 May 2008 15:36:16 -0500 Is Big the New Small in Application Security? I've been following the security markets for close to 15 years at this point, and I continue to spot the same trends over and over again. You don't have to be too smart to figure out where things are going,... http://www.ebizq.net/blogs/mike_rothman/2008/05/is_big_the_new_small_in_applic.php http://www.ebizq.net/blogs/mike_rothman/2008/05/is_big_the_new_small_in_applic.php Tue, 06 May 2008 11:44:09 -0500 The Scourge of Cross-Site Scripting Attacks: Mike Rothman Talks With Jeff Williams ***Editor's Note: If you're interested in the secure B2B identity architecture of tomorrow, make sure you sign up for the Federation and User Centric Identity webinar today! Listen to or download the 9:55 minute podcast below: Download file In... http://www.ebizq.net/blogs/mike_rothman/2008/04/the_enemy_of_application_secur.php http://www.ebizq.net/blogs/mike_rothman/2008/04/the_enemy_of_application_secur.php Wed, 09 Apr 2008 15:24:45 -0500 Defending Against the Cross-Site Scripting Attack ***Editor's Note: If you're interested in the secure B2B identity architecture of tomorrow , make sure you sign up for the Federation and User Centric Identity webinar today! This month I want to dig a bit deeper into the... http://www.ebizq.net/blogs/mike_rothman/2008/04/defending_against_the_crosssit.php http://www.ebizq.net/blogs/mike_rothman/2008/04/defending_against_the_crosssit.php Mon, 07 Apr 2008 12:32:21 -0500 Hacker-Proof Your Applications: Mike Rothman Talks with Kevin Beaver ***Editor's Note: If you like this podcast, make sure to tune into the upcoming ebizQ Webinar hosted by Mike Rothman about the latest and least-greatest threats titled Threatscape 2008. Listen to or download the 11:52 minute podcast below: Download file... http://www.ebizq.net/blogs/mike_rothman/2008/03/applications_in_the_crosshairs.php http://www.ebizq.net/blogs/mike_rothman/2008/03/applications_in_the_crosshairs.php Wed, 05 Mar 2008 11:52:25 -0500 Penetration Testing Like a True Hacker ***Editor's Note: If you like this topic, join ebizQ and Security Expert Mike Rothman for this month's Threatscape 2008 featuring Mike Rothman and A. N. Ananth. Applications are the path of least resistance for the bad guys. With a myriad... http://www.ebizq.net/blogs/mike_rothman/2008/03/penetration_testing_like_a_tru.php http://www.ebizq.net/blogs/mike_rothman/2008/03/penetration_testing_like_a_tru.php Mon, 03 Mar 2008 12:16:05 -0500 Excellent SOA Security Question Someone attending next Wednesday's SOA Security Roundtable asked the following question: There are a lot of levels in security that need to get "stitched in" to provide process level security in the SOA enterprise. A quick review of the more... http://www.ebizq.net/blogs/mike_rothman/2008/02/excellent_soa_security_questio.php http://www.ebizq.net/blogs/mike_rothman/2008/02/excellent_soa_security_questio.php Fri, 22 Feb 2008 11:37:21 -0500 Edging Towards Secure Application Development ***Editor's Note: If you like this topic, join ebizQ and Security Expert Mike Rothman for this month's special roundtable on SOA Security trends. Network security is so yesterday. Yes, it's still important, but it's certainly not sufficient to protect your... http://www.ebizq.net/blogs/mike_rothman/2008/02/edging_towards_secure_applicat.php http://www.ebizq.net/blogs/mike_rothman/2008/02/edging_towards_secure_applicat.php Mike Rothman's monthly ebizQ feature Mon, 04 Feb 2008 13:54:44 -0500 Securing the Path of Least Resistance: Mike Discusses Secure SDLC With Michael Gavin Learn more about secure coding from SearchSecurity.com Click here to sign up for Mike's SOA Security Roundtable coming up soon! In this month's Mike Rothman Security Report Podcast, Mike interviews Michael Gavin from Security Innovation about the importance and... http://www.ebizq.net/blogs/mike_rothman/2008/01/applications_have_become_the_p.php http://www.ebizq.net/blogs/mike_rothman/2008/01/applications_have_become_the_p.php Podcast Mon, 28 Jan 2008 12:11:54 -0500