Pravir Chandra talks about the OWASP OpenSAMM project and software maturity models in general. Pravir has been deep in this space for some time and even provides us with the inside scoop as to how OpenSAMM relates to BSIMM!
To listen to OWASP Podcast #14, you can download the mp3 file directly, subscribe to the RSS feed, or subscribe directly through iTunes!
Wednesday, March 25, 2009
Wednesday, March 18, 2009
OWASP Podcast #13 - Newscast for March 09
OWASP Podcast #13 - the OWASP newscast for March 2009 - is now live!
OWASP Podcast #13 features Andre Gironda, Jeff Williams and Arshan Dabirsiaghi. The show is hosted by me, Jim Manico. Andre did all of the extensive copy editor work.
To listen to OWASP Podcast #13, you can download the mp3 file directly, subscribe to the RSS feed, subscribe directly to iTunes, or listen right now!
We cover a very wide array of web app sec news topics. I hope you enjoy the show!
Wednesday, March 11, 2009
OWASP Podcast #12 - Interview with Ryan C. Barnett
Ryan Barnett talks about the OWASP ModSecurity core ruleset project and WAF technology in general. Ryan has such incredible experience in this space - this one is definitely a "must listen" for anyone who deals with web application security operations.
To listen to OWASP Podcast #11, you can download the mp3 file directly, subscribe to the RSS feed, or subscribe directly through iTunes!
Wednesday, March 4, 2009
OWASP Podcast #11 - Interview with Steve Christey and Bob Martin from MITRE
Steve and Bob give us the "inside scoop" as to how the CWE Top 25 Programming Errors list was created.
To listen to OWASP Podcast #11, you can download the mp3 file directly, subscribe to the RSS feed, or subscribe directly through iTunes!
Monday, March 2, 2009
HTTPOnly Supported in Tomcat 6.0.19+
Jeff caught it first, but the upcoming release of Tomcat 6.0.19 will include HTTPOnly session cookie support!
This upcoming feature will be disabled by default and you will need to use the following setting to enable it.
<Context><Manager useHttpOnly="true" /></Context>
I first blogged about this topic back on March 27, 2008 and submitted a patch to Apache a few days later on March 30, 2008. It's great to know that this functionality will really exist in Tomcat 6.0.19 - which is the current "trunk" as of the posting - and be released - when it's released. =)
To quote someone from the Apache crowd: "If you're interested in getting the next release out more quickly, perhaps you could volunteer to fix some bugs?" =)
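Because the feature is off by default, it is worth confirming after deployment that the session cookie really carries the flag. The following is an added example, not code from this post or from Tomcat: it scans raw response headers for session cookies set without HttpOnly. The cookie name set, the function names and the sample responses are assumptions constructed for illustration.

```python
"""Flag session cookies that are set without the HttpOnly attribute."""

# Cookie names treated as session identifiers. JSESSIONID is the servlet
# default; this set is an assumption and should match your deployment.
SESSION_COOKIE_NAMES = {"JSESSIONID"}

# Constructed sample responses (not captured from a real server).
RESPONSE_DEFAULT = (
    "HTTP/1.1 200 OK\r\n"
    "Set-Cookie: JSESSIONID=0123456789ABCDEF0123456789ABCDEF; Path=/app\r\n"
    "Content-Type: text/html\r\n"
)
RESPONSE_HTTPONLY = (
    "HTTP/1.1 200 OK\r\n"
    "Set-Cookie: JSESSIONID=0123456789ABCDEF0123456789ABCDEF; Path=/app; HttpOnly\r\n"
    "Set-Cookie: theme=dark; Path=/app\r\n"
)


def parse_set_cookie(value):
    """Split one Set-Cookie value into (name, value, {attr: attr_value})."""
    parts = [p.strip() for p in value.split(";")]
    name, _, cookie_value = parts[0].partition("=")
    attrs = {}
    for part in parts[1:]:
        key, _, val = part.partition("=")
        if key.strip():
            # Attribute names are case-insensitive; store them lowercased.
            attrs[key.strip().lower()] = val.strip()
    return name.strip(), cookie_value.strip(), attrs


def session_cookies_missing_httponly(raw_headers, names=SESSION_COOKIE_NAMES):
    """Return names of session cookies set without the HttpOnly attribute."""
    missing = []
    for line in raw_headers.splitlines():
        header, sep, value = line.partition(":")
        if not sep or header.strip().lower() != "set-cookie":
            continue
        name, _, attrs = parse_set_cookie(value)
        # Only the attribute list counts; a cookie *value* of "HttpOnly" does not.
        if name in names and "httponly" not in attrs:
            missing.append(name)
    return missing


if __name__ == "__main__":
    print("default config :", session_cookies_missing_httponly(RESPONSE_DEFAULT))
    print("after enabling :", session_cookies_missing_httponly(RESPONSE_HTTPONLY))
```

Feed it the headers of a response that creates a session, for example a saved `curl -i` capture of your own application's login page.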