Category: Application Security

Are SSL implementation Problems Policy Problems?

Another interesting article from ThreatPost, which highlights a problem faced by many of us. TLS/SSL implementation is something which often taken for granted. It is one of the most misunderstood aspects of security. Like firewalls, those who don’t fully understand security perceive SSL and Firewalls as magic pills, which will solve all the security problems.…

October 20, 2012
Don’t call me Shirley!

The other day someone came into my office and asked: “Why should I have to validate the web form input at the web server? Surely it better to do it in the browser!” *Humph!* “I can think of many reasons why you are wrong”, I said, “and don’t call me Shirley!” Firstly, and I can…

October 15, 2012

Are SSL implementation Problems Policy Problems?