Security: How to break your own web application

Almost as bad as thinking ‘nobody can break my web application’ is burying your head in the sand and thinking ‘if I don’t try to break it, then it must be working, right?’

The Open Web Application Security Project is a cold dose of reality – it documents what the bad guys already know, and what you should know to actively try and break your own website.

I haven’t tried running any of these against any of the well-known Irish websites (for obvious reasons), but it would be interesting to see how many would pass these tests … they even provide WebGoat, a piece of software to teach you how to find (and fix) security flaws (thanks John for the correction!).
