Google is continuing its incursion into the security world with the release of its passive Web-application security assessment tool, Ratproxy. The tool differs from most of the other Web app security tools in that it does not actively crawl applications looking for common security problems. Instead, it passively monitors the interactions between a browser and [...] read more »
Researchers at Cenzic discovered a vulnerability in Yahoo Mail they said could allow attackers to steal Yahoo identities and potentially access users’ sensitive information.The company, a Web application security provider based in Santa Clara, Calif., notified Yahoo of the cross-site scripting flaw in its popular Web mail program on May 23 and Yahoo fixed it [...] read more »
Consolidation continued at a rapid clip with the data loss prevention and Web application security markets seeing the most activity
Firewall vendor NetContinuum was quietly snatched up last month by Barracuda Networks, a vendor looking to capitalize on the growing demand for Web application security tools.
Chris Hoff at Rational Security has an interesting post up today on the problems that researchers face when looking for vulnerabilities in Web-based applications. The basic problem boils down to this: Web applications run on remote servers, not on the researcher’s machine, which means any misuse of those applications can be viewed as an attack, [...] read more »
One of the side benefits of covering shows like the Gartner IT Security Summit, RSA, Black Hat and others is that it gives us a chance to catch up with some of our sources whom we only see a few times a year. And it also is a great opportunity to get the latest industry [...] read more »
Get SecGeeks Feeds in your email:
add me on gtalk: secg33k@gmail.com
