I am starting a series of entries that aim to provide an overview to major threats related to web service security. My goal is to not only inform people of what some major threats are but also stimulate some discussion and pointers to other threats that people consider interesting.
Before I start I have created this introductory section to ensure there is a common understanding of terminology like threats and vulnerabilities. For a detailed description take a look at JD Meier's blog (http://blogs.msdn.com/jmeier/archive/2005/10/10/478999.aspx), but in short I will standardize on the following definitions:
Over the next couple of weeks I will pull together the different threats and then roll them out onto the https://www.threatsandcountermeasures.com/ wiki... so please ensure you post comments to my entries and definitely point to additional threats that you think should be considered.