Feed aggregator

lvanstechelman: For Better Password Policies: OWASP Passfault http://t.co/Tyzk2z6V

My posts on Twitter - Thu, 10/05/2012 - 07:16

lvanstechelman: For Better Password Policies: OWASP Passfault http://t.co/Tyzk2z6V

lvanstechelman: XSS attack vector: Eval a url http://t.co/XbbtbivM

My posts on Twitter - Tue, 08/05/2012 - 17:27

lvanstechelman: XSS attack vector: Eval a url http://t.co/XbbtbivM

lvanstechelman: New Product: Google Drive http://t.co/OlfyF4oO

My posts on Twitter - Wed, 25/04/2012 - 07:25

lvanstechelman: New Product: Google Drive http://t.co/OlfyF4oO

lvanstechelman: @ZIONSECURITY According to http://t.co/i073PUwc the attribute must case-insensitively match the string "HttpOnly"

My posts on Twitter - Tue, 24/04/2012 - 15:22

lvanstechelman: @ZIONSECURITY According to http://t.co/i073PUwc the attribute must case-insensitively match the string "HttpOnly"

lvanstechelman: @ZIONSECURITY My logs contain requests containing the GET parameters like requested by the end-user e.g. /user/login?destination=node%2F1

My posts on Twitter - Mon, 23/04/2012 - 13:27

lvanstechelman: @ZIONSECURITY My logs contain requests containing the GET parameters like requested by the end-user e.g. /user/login?destination=node%2F1

lvanstechelman: @ZIONSECURITY Indeed, and also the websites which still expose the session identifiers in URL parameters (https://t.co/Oj0sZ9Bu)

My posts on Twitter - Mon, 23/04/2012 - 08:15

lvanstechelman: @ZIONSECURITY Indeed, and also the websites which still expose the session identifiers in URL parameters (https://t.co/Oj0sZ9Bu)

lvanstechelman: @ZIONSECURITY Those AV-vendors visiting my website don't have session cookies, so many requests fail. Do you see the same behaviour?

My posts on Twitter - Mon, 23/04/2012 - 07:39

lvanstechelman: @ZIONSECURITY Those AV-vendors visiting my website don't have session cookies, so many requests fail. Do you see the same behaviour?

Navigation

About me

My posts on Twitter

lvanstechelman: For Better Password Policies: OWASP Passfault http://t.co/Tyzk2z6V

lvanstechelman: XSS attack vector: Eval a url http://t.co/XbbtbivM

lvanstechelman: New Product: Google Drive http://t.co/OlfyF4oO

lvanstechelman: @ZIONSECURITY According to http://t.co/i073PUwc the attribute must case-insensitively match the string "HttpOnly"

lvanstechelman: @ZIONSECURITY My logs contain requests containing the GET parameters like requested by the end-user e.g. /user/login?destination=node%2F1

lvanstechelman: @ZIONSECURITY Indeed, and also the websites which still expose the session identifiers in URL parameters (https://t.co/Oj0sZ9Bu)

lvanstechelman: @ZIONSECURITY Those AV-vendors visiting my website don't have session cookies, so many requests fail. Do you see the same behaviour?

lvanstechelman: Microsoft April 2012 Black Tuesday Update - Overview, (Tue, Apr 10th) http://t.co/bO2MoJfm

lvanstechelman: A tool exploiting MS12-020 vulnerabilities http://t.co/Tc7WPDdO

lvanstechelman: Announcing the SSL/TLS Deployment Best Practices guide http://t.co/7mdBX5nO