August 2008 - Posts
Close on the heels of David Ross' XSS defense in IE8 beta 2, my boss, Steve Lipner, just posted an article looking at XSS filter from an SDL perspective. While I'm on the subject of XSS and Dave, if XSS is an area of interest to you, you really should
Every once in a while a security bug pops up that really piques my interest, and a new directory traversal bug that affects Apache Tomcat (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2938) most certainly made me take notice because I haven't
Good news! Matt Miller, author of plenty of cutting-edge security research, including my fave “A Brief History of Exploitation Techniques and Mitigations on Windows”, has joined the Security Science team to work on improved ways to find security vulnerabilities
I just wrapped up a post over on the SDL blog with some comments about an article on Google's security work.
http://twitter.com/alexsotirov/statuses/882866444