Imperva(tm)'s Application Defense Center (ADC) has released a new white paper titled "How Safe is it Out There (Zeroing in on the vulnerabilities of application security)". The paper, written by Moran Surf and Amichai Shulman, presents a statistical analysis of results obtained from numerous application level penetration tests performed for various customers over the years 2000 - 2003.
June 2004 Archives
As seen on Slashdot - In an article on DBAzine, Fabian Pascal writes that SQL is not a good representation of the relational data model, and he is afraid the situation will get worse with XML and XQuery. An overview of some of the reactions to the positions that Pascal and C.J. Date take on this issue is given in this article over at SearchDatabase.com by Sara Cushman.
As seen on the Web Application Security mailing list, Jeff Williams has posted a collection of regular expressions for validating data input in webapps. Input validation shouldn't just be left to 'best practice' or whatever individual developers want to do. It takes some real design thinking to get it right for an enterprise application.
Netcraft reports that FreeBSD is often overlooked when people discuss the relative success of the rival operating system platforms in use on the Internet. However, it has secured a strong foothold within the hosting community and continues to grow, gaining over a million hostnames and half a million active sites since July 2003.