Interesting links – March 23rd
Some potentially interesting links for March 23rd:
- HowTo: EC2 for Poets – Drool-proof procedure for creating an Amazon EC2 instance (using a pre-configured Windows 2003 AMI). By Dave Winer.
- XSS (Cross Site Scripting) Prevention Cheat Sheet – OWASP – A simple positive model for preventing XSS by using output escaping/encoding properly. While there are a huge number of XSS attack vectors, following a few simple rules can completely defend against this serious attack. (XSS defense is more effective when it relies on output filtering.)
- Understanding and configuring PAM – A basic guide to the Pluggable Authentication Module on Linux, see how to configure PAM, and learn how to design a sample PAM login application in 10 easy steps.
- Building Security In Maturity Model (BSIMM) – BSIMM describes the set of activities practiced by nine of the most successful software security initiatives in the world. In that sense, it is a de facto standard because it’s what organizations actually do. You could say we discovered it rather than dreamed it up. Put together by Gary McGraw (Cigital) and a couple of others.
Tags: amazon, checklist, cloud computing, development, howto, Linux, pam, sysadmin, tips, tutorial, web, webappsec, xss