Thanks Dave, this is probably why my head hurts. I guess I'm pretty interested in security specific to flash player and how it can be attacked. Fully understand what you're saying though and luckily will not have to document anything for any of the server side web apps.
Adobe does have brief Flash security tutorial and does outline a few of the concerns on OWASP. http://www.adobe.com/devnet/flashplayer/articles/secure_swf_apps_13.html This documentation seems like an okay start for me but am hoping the list can point me in more interesting direction. ----------------------------------------------------------------------- > Well, honestly, most of these issues don't really have anything to do > with Flash, Flex or AIR. They're issues that you face with any > server-side web application. The server-side web application that your > RIA client invokes has to be secure from those common vulnerabilities > listed in OWASP's Top Ten list. Dave Watts, CTO, Fig Leaf Software http://www.figleaf.com/ http://training.figleaf.com/ Fig Leaf Software is a Veteran-Owned Small Business (VOSB) on GSA Schedule, and provides the highest caliber vendor-authorized instruction at our training centers, online, or onsite. _______________________________________________ Flashcoders mailing list [email protected] http://chattyfig.figleaf.com/mailman/listinfo/flashcoders _______________________________________________ Flashcoders mailing list [email protected] http://chattyfig.figleaf.com/mailman/listinfo/flashcoders
