Michael Sutton's Blog
November 2006 - Posts
The Best Way to Find Vulnerabilities
[Update 01/25/06 - This blog is now also available as a webcast.] I'm often asked - "what's the best way to find vulnerabilities?". That's kind of like asking "what's the best way to become a millionaire?". It depends.
Why We’re Failing At Application Security
We are failing at application security. Need proof? Look no further than the vulnerability statistics released by Mitre earlier this year. While network vulnerabilities such as buffer overflows have slowly been decreasing over the years, web application
Microsoft Black Tuesday - November 2006
Microsoft came out with a moderate collection of vulnerabilities for the month of November. The six security bulletins included a total of nine vulnerabilities with the following breakdown for maximum severity: 7 Critical, 1 Important, 1 Moderate. This month's
Top 10 Signs You Have an Insecure Web App
I often surf the web and see blatant design errors that make me shake my head. Without even investigating the security of a site, I know without a doubt that the site will be chock full of vulnerabilities. How can I be so sure? I see programming mistakes