Archive: October, 2008
Proxy Caches and Web Application Security
View SlideShare presentation or Upload your own.
Read moreWall Street Firms Using CEP to Measure and Manage Risk
Oct 27, 2008 By Penny Crosman URL: http://www.wallstreetandtech.com/showArticle.jhtml?articleID=211300559 One of the many effects of the credit crisis is that Wall Street firms have found a new focus for their complex event processing projects. Although they’re not abandoning CEP-based algorithmic trading, new CEP initiatives are focused on measuring and managing risk. With its ability to watch [...]
Read moreComments on Proxy Caches and Web Application Security (OWASP Taipei)
Hello from Taipei. We just completed an absolutely awesome OWASP conference (over 1200 attendees), OWASP AppSec Asia 2008 – Taiwan. This was a very well managed conference, organized by Wayne Huang, OWASP Taiwan Chapter Leader and Founder and CEO of Armorize. In a future post, when I get links to other speaker’s presentations, I will [...]
Read moreAF083-022: Visualization for Command and Control of Cyberspace Operations
AF083-022 TITLE: Visualization for Command and Control of Cyberspace Operations TECHNOLOGY AREAS: Air Platform, Information Systems, Space Platforms, Human Systems The technology within this topic is restricted under the International Traffic in Arms Regulation (ITAR), which controls the export and import of defense-related material and services. Offerors must disclose any proposed use of foreign nationals, [...]
Read moreOWASP European Summit – Portugal
Portugal/Algarve – 4th – 7th November 2008 Setting the Web Application Security Agenda for 2009: OWASP Invites You to Join Our Summit in Portugal http://www.owasp.org/index.php/OWASP_EU_Summit_2008 With the theme ‘Setting the AppSec agenda for 2009′, the OWASP Summit will be a worldwide gathering of OWASP leaders and key industry players to present and discuss the latest [...]
Read moreOWASP AppSec Asia 2008 – Taiwan
Here is the latest on OWASP AppSec Asia 2008 – Taiwan. I will be giving a talk on Oct 27th about Proxy Caches and Web Application Security–using the recent Google Docs 0-day as an example. Some of the background for this presentation are Proxy Caches are a Challenging Threat to Internet Security and A New [...]
Read moreThe Motivation Behind Adaptive Analytics and CEP
This is a continuation of The Genesis of Complex Event Processing: Asymmetric Capabilities and CEP, Event Noise and Asymmetric Event Processing where I have been discussing the motivation behind CEP and adaptive analytics in cyberspace. Around the same time that Professor Luckham and his team was working on CEP applications in network management and security [...]
Read moreProxy Caches are a Challenging Threat to Internet Security
Proxy caches, combined with poorly written session management code, can easily leads to serious security flaws similar to what we highlighted in A New Security Breach in Google Docs Revealed. Web developers have no control over proxy caches in the Internet. However, developers do have control of the code they write and their admin teams [...]
Read moreOWASP AppSec Asia 2008: Proxy Caches and Web Application Security
Back to travelling a bit, I have accepted an invitation from Wayne Huang, Chapter Leader, OWASP Taiwan, to give the following presentation at OWASP AppSec Asia 2008, October 27 – 28, 2008, in Taipei: Proxy Caches and Web Application Security Abstract: Proxy caches, combined with poorly written session management code, can easily lead to serious [...]
Read moreModelling The Global Financial Meltdown
Yesterday I received a call from Penny Grosman, Senior Editor, Wall Street & Technology. Penny was interested in my opinion, “Will risk management applications be the next killer app for CEP” on Wall Street. I enjoyed talking with Penny. She caught up with me leaving a tailor’s shop in Chiang Mai, so I hope [...]
Read more