My addition: "Security abstracted from process"
You would be surprised how many companies we contact who have been breached who respond with: "we did not know that site existed" "looks like that is hosted on some 3rd party server (damn marketing!) "that is not our site...wait a minute it turns out it is" "port 80 isnt enough security"? -----Original Message----- From: [email protected] [mailto:[email protected]] On Behalf Of Juha-Matti Laurio Sent: Thursday, May 07, 2009 6:44 AM To: [email protected] Subject: [funsec] Eight reasons why website vulnerabilities are not fixed Very good points: http://jeremiahgrossman.blogspot.com/2009/05/8-reasons-why-website-vulnerabilities.html Comments are worth of reading too. Juha-Matti _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list. Protected by Websense Hosted Email Security -- www.websense.com _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
