Defense in Depth: It’s for Programmers, Too!

“But, we took care of that before, didn’t we?” asked a participant in a web application security course I taught recently. It was a good, logical question. We were discussing “SQL injection,” a process where an attacker enters database commands into a website field – in, say, a forum or comment section – that could […]

Injection Attacks: What They Are and How to Prevent Them

One topic we discuss in Learning Tree’s System and Network Security Introduction and Defending the Perimeter from Cyber Attacks courses is “code injection.” I wrote a bit about this four years ago, but I want to provide more detail as these attacks are not going away as quickly as we thought they might. Wikipedia defines […]

Your New Device Probably Isn’t Secure

The overwhelming majority of people who purchase computer and networking equipment – whether for home or office – seem to believe that the products will be secure. They probably aren’t. I’ve talked about default passwords before. The basic idea is that manufacturers want to make their products easy for purchasers to configure. To that end, […]

Injections (Not the Kind from the Doctor!)

Dark Reading reported in early May of this year that injection attacks are on the rise again. Injection attacks were also number one on the OWASP (Open Web Application Security Project) Top Ten for 2011. The OWASP Top Ten project describes itself as “a broad consensus about what the most critical web application security flaws […]
