WhiteHat Security released their 5th website security statistics report yesterday. They also held a webinar to go over the results, and the website security statistics slides are also available on slideshare. Total Websites: 687 Identified vulnerabilities: 11,234 Unresolved vulnerabilities: 3,541 (66% resolved) Websites HAVING HAD at least one serious issue: 82% Websites CURRENTLY WITH at [...]
Yesterday Jeremiah Grossman and Trey Ford from WhiteHat Security gave a very interesting and fun presentation called 'Get Rich or Die Trying - Making Money on The Web, The Black Hat Way'. They went over several real world examples of business logic flaws, and in some cases profited (a lot) from those flaws. The Get [...]
Yesterday WhiteHat Security had a luncheon at Le Meridien Hotel in San Francisco. Trey Ford presented on the Payment Card Industry (PCI) Data Security Standard section 6.6. And Jeremiah Grossman presented a solution to reduce vulnerability exposure time by virtual patching with F5 Big-IP equipment. I took video of both presentations, but YouTube no longer [...]
The WASC meetup was a few days ago at Jillian's, and I had a blast. It was a great to have conversations with groups of like-minded people during the day, and not at a loud dark bar. Thanks to WhiteHat Security for sponsoring the event, and for the yummy food. Here are a few pictures [...]