
OnSecurity podcast: taking issue with PCI DSS Web Application Firewall Requirements

I have already noted that equating a web app firewall with an application that has been security source-code-reviewed and threat-modeled is ridiculous. Dinis Cruz will remind you that the most devastating web application flaws are business logic flaws that none of these devices will find. Even web application scanners are ineffective for most things beyond low-hanging fruit.

Holes in the Firewall?


Are there shortcomings in the application layer firewall requirements
set by the PCI Security Standards Council? Paul Henry, vice president
of technology and evangelism at Secure Computing Corp., thinks so, and
explains to Lisa Vaas in the OnSecurity podcast.

Contact: Jason Axley
