J.D. Meier of Patterns & Practices just published some work that I did recently for P&P up on Channel 9. This is yet another reason I've been dark ;-)
There are six modules, each with a 5-10 minute demo where I'm showing attack and defense for various input validation vulnerabilities like cross-site scripting. Then there's a corresponding lab that will walk you through the problem and show you how to fix it.
These are security basics that every developer should know, not just the guy in charge of the security system. I've often said that every developer in the world needs to have at least a day of basic security training, and this is one way to get at least part of that training in the comfort of your own home.
Please enjoy and tell your friends (and J.D.) if you like what you see!
Posted
Feb 22 2006, 01:49 PM
by
keith-brown