Detailed report on this problem (no reg required)
on
Web 2.0 Under Siege
·
· Score: 3, Informative
All:
I encourage all of you to read the detailed report Fortify wrote on this topic. Its written for developers and explains the problem in clear technical detail.
http://www.fortifysoftware.com/advisory.jsp
(No registration required)
Its a long document but I doubt you'll have a lot of questions after reading it.
Its refreshing to see reports written like this that don't insult a developer's intelligence.
Slashdot Mirror
All: I encourage all of you to read the detailed report Fortify wrote on this topic. Its written for developers and explains the problem in clear technical detail. http://www.fortifysoftware.com/advisory.jsp (No registration required) Its a long document but I doubt you'll have a lot of questions after reading it. Its refreshing to see reports written like this that don't insult a developer's intelligence.
Fortify a security static scanner and covers C/C++ as well as Java, JSP, .NET, C#, XML, CFML, PL/SQL and T-SQL.