Bryan Sullivan's Web Blog
Thoughts on web application security
REST and XSRF, Part One
Hi everyone. In case you missed my talk at Black Hat, “REST for the Wicked”, I wanted to give you...
Author: bryansul Date: 08/15/2008
Show some respect to XSS
StickyMinds.com has just posted an article of mine on the dangers of XSS. (Although they still have...
Author: bryansul Date: 06/11/2008
SQL injection in classic ASP
In light of the recent wake of SQL injection attacks on ASP sites, I'd like to highlight some...
Author: bryansul Date: 05/30/2008
Web Application Firewalls in Practice - or - Yes, Jeremiah, Secure Software Does Matter
There's been a lot of renewed interest in web application firewalls lately. In the past, I haven't...
Author: bryansul Date: 05/19/2008
Cross-domain XHR will destroy the internet
Ok, maybe “destroy the internet” is a little harsh. But let’s take a look the impact that...
Author: bryansul Date: 04/04/2008
BlueHat shows some love to web app security
If you haven't heard yet, BlueHat v7 is dedicating the entire block of morning sessions to web app...
Author: bryansul Date: 03/24/2008