|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Jan Muenther (jan.muenther
nruns.com)
Date: Mon Dec 15 2008 - 14:55:37 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
> If any of you has pointers to some documents that systematically
> point out all the risks and alternative ways to mitigate them it
> would help me a lot.
>
Have you read Brad Hill's stuff on the topic?
http://www.isecpartners.com/files/XMLDSIG_Command_Injection.pdf
http://seattle.toorcon.org/2007/talks/bradhill.ppt
Cheers,
Jan
--
Jan Muenther, CTO Security, n.runs AG
------------------------------------------------------------------------
This list is sponsored by: Cenzic
Security Trends Report from Cenzic
Stay Ahead of the Hacker Curve!
Get the latest Q2 2008 Trends Report now
www.cenzic.com/landing/trends-report
------------------------------------------------------------------------
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]