
I made a parody song that's mainly about computer security and the kind of work I do over at Cigital. It's called White Hat Hacker Man and it's to the tune of Billy Joel's Piano Man. Lyrics are below.

The Web Security Testing Cookbook has been nominated for an Automation Honors Award by ATI (Automated Testing Institute). Vote for it on their voting page.

The Add N Edit Cookies add-on for Firefox is a vital one for web security testing, but it tends to be maintained sporadically. The current version downloadable from addons.mozilla.org will tell you that it does not support Firefox 3.5...

For those of you incorporating static source code analysis into your software security testing, NIST has a special division that bears watching. SAMATE is the Software Assurance Metrics And Tool Evaluation group...

I recently read Ari Takanen's Fuzzing for Software Security Testing and Quality Assurance. This is a valuable book on fuzz testing, and timely.

My friends over at Sticky Minds picked up a UPI article about Norm Coleman's campaign office being hacked into. It's a summary of an original article in The Hill. For many years we've been fighting this knee-jerk security reaction that if it's a "security" issue, it must be a "firewall" issue...

We're now on Twitter. Follow webcookbook to see what's going on with Ben, Paco, and security testing recipes.

The Wall Street Journal ran a story about Gary McGraw's Building Security In Maturity Model (BSIMM). This model, which is free to download and use, aims to help organizations put security into all aspects of their software development lifecycle...

I read a blog entry about "re-aligning training expectations for QA." It has some useful points that both developers and so-called "security people" need to hear...

Over the last three years, Silver Bullet listeners and sc-l subscribers have occasionally asked Gary McGraw to interview more "practitioners." Instead of changing the mission of Silver Bullet, he decided to create a new podcast and focus it exclusively on practical software security...

Paco uploaded two new videos that you can watch from the book's Facebook page. They demonstrate how to use Firebug to do some harmless cheating in a couple of Facebook games: WordTwist and Pirates, both by Zynga.







