I apologize for the shameless self promotion, but I wanted to let you know that the interview I did with Ross Anderson at AppSec EU 2009 [1] is now available as an OWASP Podcast here: http://www.owasp.org/index.php/Podcast_28 and on iTunes [2]. It covers some very interesting topics and expands on some of the issues raised in his keynote on May 13th [3] titled "Web App Security – The Good, the Bad and the Ugly". Definitely worth listening to the 32 minutes - in my humble opinion. You may know Ross Anderson for his very well regarded book Security Engineering [4] which is now in its second edition.
[1] http://www.owasp.org/index.php/OWASP_AppSec_Europe_2009_-_Poland [2] http://itunes.apple.com/WebObjects/MZStore.woa/wa/viewPodcast?id=300769012 [3] http://www.owasp.org/index.php/OWASP_AppSec_Europe_2009_-_Poland#tab=Conference_-_May_13 [4] http://www.cl.cam.ac.uk/~rja14/book.html Cheers! -- -- Matt Tesauro OWASP Live CD Project Lead http://www.owasp.org/index.php/Category:OWASP_Live_CD_Project http://AppSecLive.org - Community and Download site _______________________________________________ Secure Coding mailing list (SC-L) SC-L@securecoding.org List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l List charter available at - http://www.securecoding.org/list/charter.php SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com) as a free, non-commercial service to the software security community. _______________________________________________