http://doboard.com do... Web Application Security and Development Tue, 08 Jul 2008 05:53:46 +0000 http://wordpress.org/?v=2.6 en http://doboard.com/2008/06/04/how-to-make-application-security-suck-less/ http://doboard.com/2008/06/04/how-to-make-application-security-suck-less/#comments Wed, 04 Jun 2008 11:55:13 +0000 Barry http://doboard.com/2008/06/04/how-to-make-application-security-suck-less/ http://doboard.com/2008/06/04/how-to-make-application-security-suck-less/feed/ http://doboard.com/2008/04/13/dc-php-conference-expo-june-2-4-2008/ http://doboard.com/2008/04/13/dc-php-conference-expo-june-2-4-2008/#comments Sun, 13 Apr 2008 18:33:38 +0000 Barry http://doboard.com/?p=16 http://doboard.com/2008/04/13/dc-php-conference-expo-june-2-4-2008/feed/ http://doboard.com/2008/03/26/shmoocon-memories/ http://doboard.com/2008/03/26/shmoocon-memories/#comments Thu, 27 Mar 2008 02:44:45 +0000 Barry http://doboard.com/2008/03/26/shmoocon-memories/ http://doboard.com/2008/03/26/shmoocon-memories/feed/ http://doboard.com/2008/02/08/owasp-february-2008/ http://doboard.com/2008/02/08/owasp-february-2008/#comments Sat, 09 Feb 2008 01:44:52 +0000 Barry http://doboard.com/2008/02/08/owasp-february-2008/ http://doboard.com/2008/02/08/owasp-february-2008/feed/ http://doboard.com/2008/01/31/capsec-january-2008/ http://doboard.com/2008/01/31/capsec-january-2008/#comments Thu, 31 Jan 2008 17:56:39 +0000 Barry http://doboard.com/2008/02/01/capsec-january-2008/ http://doboard.com/2008/01/31/capsec-january-2008/feed/ http://doboard.com/2008/01/21/20-hacker-tricks-for-attacking-web-apps/ http://doboard.com/2008/01/21/20-hacker-tricks-for-attacking-web-apps/#comments Mon, 21 Jan 2008 09:57:37 +0000 Barry http://doboard.com/2008/01/21/20-hacker-tricks-for-attacking-web-apps/ http://doboard.com/2008/01/21/20-hacker-tricks-for-attacking-web-apps/feed/ http://doboard.com/2007/11/12/what-is-security-really/ http://doboard.com/2007/11/12/what-is-security-really/#comments Tue, 13 Nov 2007 01:00:10 +0000 Barry http://doboard.com/2007/11/12/what-is-security-really/ The product vendors would like you to believe that. "Preventing and fixing known security holes like XSS, SQL injection and CSRF." A good web developer might say that. "Efficiently detecting and blocking hacking attempts." Spoken like someone who has been in the trenches. Whack-a-mole at Internet speed. "Complying with security rules and requirements." Smells like bureaucrats. Hopefully the thousands (!) of requirements aren't constantly changing, poorly written, contradictory, or ill-conceived... With more variations than we can count, there has to be a better way to get a handle on security. So what's the bottom line?]]> http://doboard.com/2007/11/12/what-is-security-really/feed/ http://doboard.com/2007/11/12/dc-php-conference-2007-security-highlights/ http://doboard.com/2007/11/12/dc-php-conference-2007-security-highlights/#comments Tue, 13 Nov 2007 00:15:11 +0000 Barry http://doboard.com/2007/11/12/dc-php-conference-2007-security-highlights/ http://doboard.com/2007/11/12/dc-php-conference-2007-security-highlights/feed/ http://doboard.com/2007/11/12/q-a-risk-of-duplicates-when-using-md5/ http://doboard.com/2007/11/12/q-a-risk-of-duplicates-when-using-md5/#comments Mon, 12 Nov 2007 21:49:20 +0000 Barry http://doboard.com/2007/11/12/q-a-risk-of-duplicates-when-using-md5/ http://doboard.com/2007/11/12/q-a-risk-of-duplicates-when-using-md5/feed/ http://doboard.com/2007/11/06/dc-php-conference-2007/ http://doboard.com/2007/11/06/dc-php-conference-2007/#comments Wed, 07 Nov 2007 04:52:08 +0000 Barry http://doboard.com/2007/11/06/dc-php-conference-2007/ http://doboard.com/2007/11/06/dc-php-conference-2007/feed/