Broken Web Applications VM Version 0.9 Released

Written by Chuck Willis

As I mentioned in my previous post, I have been working on creating a Linux Virtual Machine containing a variety of vulnerable web applications. Just in time for the OWASP AppSec DC Conference, version 0.9 of the VM has been released! Read the rest

Tags: OWASP, VM, Web Application

The 2009 CWE/SANS Top 25 (and security in unmanaged code)

Written by Chuck Willis

Over the past couple months, I had the good fortune of providing some input to the process of creating the “2009 CWE/SANS Top 25 Most Dangerous Programming Errors”. The goal of the project was to create a “list of the most significant programming errors that can lead to serious software vulnerabilities”. Read the rest

Tags: CWE/SANS, managed code, OWASP, Programming errors, SANS, Software vulnerabilities

Channels

Recent Posts

• Education and Information Sharing Top Priority at 2012 DoD Cyber Crime Conference
• Executive Breakfast Briefing with Former DHS Secretary Michael Chertoff
• Vulnerability and Exploit Terminology Webinar
• Creating an IOC to Spot the Duqu Family
• Using Redline & OpenIOC to Build Effective Indicators

Follow us on Twitter

• Mandiant: RT @cbentle2: @OpenIOC Updated #IOC posted https://t.co/Y2PGTuqE #dfir
• Mandiant: M's Michael Sikorski wrote a book, "Practical Malware Analysis" & will be hosting a webinar to discuss it! 2/29 2PM ET http://t.co/fd7Bf8Vj
• Mandiant: @_saadk Thanks for the #FF!

MANDIANT News

• Gartner Security and Risk Management Summit 2012
• CEIC Conference 2012
• New York Executive Briefing: Combating Advanced Targeted Cyber Attacks
• RSA Conference 2012