-
Application Security Fundamentals
            Cybercrime: An Introduction -Deeper Dive: Reading Room
                Glossary of Information Security Terms
                   http://www.sans.org/resources/glossary.php
                   http://csrc.nist.gov/publications/nistir/NISTIR-7298_Glossary_Key_Infor_Security_Terms.pdf

   More onthe “Data Lost Issue” –“Two CD’s were lost...” and its investigation
   http://www.silicon.com/research/specialreports/digitaldefences/0,3800014341,3916921700.htm
   http://www.silicon.com/research/specialreports/digitaldefences/0,3800014341,39169225,00.htm

 Listings of data losses in the news - 1,000 breaches, more than 330 million records from Jan 2000  - Jun 2008
 http://attrition.org/dataloss/
Attackers changing from for-fame to for-profit
http://news.zdnet.com/2100-1009-5772238.html
http://www.informationweek.com/news/security/vulnerabilities/showArticle.jhtml?articleID=160403715
http://www.cio.com/article/144950/Report_Hackers_to_Target_Web_._Mobile_RFID_Technologies_in_

NIST Special Publication 800-12, An Introduction to Computer Security, List of Common Threats

http://csrc.nist.gov/publications/nistpubs/800-12/800-12-html/chapter4.html

RBN Information:
http://www.itbusiness.ca/it/client/en/home/News.asp?id=48833
http://www.darkreading.com/document.asp?doc_id=138538
http://rbnexploit.blogspot.com/
http://blog.washingtonpost.com/securityfix/2007/11/russian_business_network_down.html
http://observer.guardian.co.uk/magazine/story/0,,2222935,00.html
http://www.eweek.com/c/a/Security/RBN-Gang-Moves-Sets-Up-Shop-in-China/
http://blog.washingtonpost.com/securityfix/2008/05/most_spam_sites_tied_to_a_hand_1.html
 
Security Misconceptions: SSL -Deeper Dive: Reading Room  
http://no-tech-problems.blogspot.com/2005/06/removing-rogue-pop-ups.html

Merchant-PoV SSL Discussion From the Merchant's point of view, a few words about how SSL is not a silver bullet solution
http://www.safemerchant.com/resources/articles/ssl.php

SecTools.Org: Top 125 Network Security Tools
http://sectools.org/
Top 15 Security/Hacking Tools & Utilities
http://www.darknet.org.uk/2006/04/top-15-securityhacking-tools-utilities/

Comments

Post a Comment

Popular posts from this blog

Cloud Computing in simple

-
Cloud Computing =   Infrastructure as a Service (IaaS) + Platform as a Service (PaaS) + Software as a Service (SaaS) Cloud computing, also known as Cloud Technology, Cloud Applications or Cloud-based services. Cloud Computing is the practice of using a network of remote servers hosted on the internet to store, manage and process data, rather than a local server or a personal computer. Examples of cloud-based services include customer self-scheduling, data storage, online payment, and accounting software Different Type of Clouds Infrastructure as a Service (IaaS)  – Allows users with the services like Virtual servers, Virtual storage, Physical Database, Virtual Network, Physical Network. E.g. Google Storage ,  IBM Cloud Computing ,  Nimbus Platform as a Service (PaaS)  – Provides computational resources via a platform upon which applications and services can be developed and hosted. E.g. Databases, Data Stores,  Force.com ,  Google App Engine ,  Windows Azure  (Platform). Soft
Read more

How to Write an Effective Design Document

-
Image
How to Write an Effective Design Document Why write a design document? A design document is a way for you to communicate to others what your design decisions are and why your decisions are good decisions. Don’t worry if your design is not UML compliant and don’t worry if you didn’t use a special modeling tool to create it. The biggest factor that determines if your design document is good is whether or not it clearly explains your intentions. This presents a problem, however. In order to convey design decisions, you have to consider the audience that you are writing for. A peer developer will understand why a well-crafted class abstraction is a good design, however your manager will probably not. Because your peer developers and your manager have different concepts of what makes a design good, there is a need for two design documents; one for peer developers and one for managers. Each document serves a different and equally valuable purpose as you begin your project development. I
Read more

Bookmark

-
Good Blog about Architecture & design Patterns:   http://martinfowler.com/bliki/ http://www.sharepoint-videos.com/ http://go.cloudshare.com/Linkedin_ProPlus_SharePoint.html A Technical Q/A site: http://www.bookmarkresource.com http://blog.krisvandermast.­ com/ASPNET20PageLifeCycle.aspx http://blogs.vertigosoftware.­ com/shannonf/archive/2005/08/­ 07/1355.aspx http://john-sheehan.com/blog/­ net-cheat-sheets/ http://www.eggheadcafe.com/­ articles/20051227.asp http://duartes.org/gustavo/­ articles/Asp.net-Runtime-­ Cheat-Sheet-HttpRequest-­ HttpRuntime.aspx http://www.addedbytes.com/­ cheat-sheets/javascript-cheat- ­sheet/ http://www.antsmagazine.com/­ 2009/04/100-useful-cheat-­ sheets-for-web-designers-­ developers/ Nice link abt .Net 3.5: http://www.simple-talk.com/ dotnet/.net-framework/.net-3. 5-language-enhancements/ nice articles about JQuery. http://encosia.com/2008/05/29/ using-jquery-to-directly-call- aspnet-ajax-page-methods/ http://encosia.co
Read more