Site menu:

Welcome | Products & Services | Security Portal | Commentary | Employment | FAQ | Privacy |

Innovation in Information Security

Coverage of important Information Security and Information Technology news and events from the research team at Sûnnet Beskerming.

Username: | Password: Contact us to request an account

Developing Safe Sites is Hard

Developing safe websites is a difficult task for any developer, so when the experts are caught developing and operating sites that are vulnerable to attack, it is a timely reminder that keeping systems safe against potential attack takes a lot of work.

It was recently disclosed that the Internet Storm Center (part of SANS) was vulnerable to an XSS attack through the search box on the site. While there are many, many sites vulnerable to XSS attacks, public acknowledgement of the issue by site administrators is rare. The developer's initial reaction of scepticism and denial provides an insight into how a significant percentage of vulnerability notifications proceed - ignorance or dismissal of the report, even more so from those who are 'experienced' or 'expert' security personnel.

4 June 2007

Social bookmark this page

Let our Free OS X Screen Saver deliver the latest security alerts and commentary to your desktop when you're not at your system.

Comments will soon be available for registered users.

More information:

Subscribe to our feed.

Commentary & Insight From Sûnnet Beskerming20082007 - December - November - October - September - August - July - JuneHunting SafariAcknowledging the Importance of Web SecurityA BlackHat ShowdownVista Security Claims Not All They AppearMicrosoft.co.uk Loses FaceHarry Potter Real-World PSYOPSQuicken Recovery Password Discovered?Data Theft Incident WorsensHey, What are Those Ads Doing?Symantec's Challenge to SiteAdvisorFrench Government BlackBerry use CurtailedVista's Changes Not Enough, Says GoogleThe Tribulations of Government ITConsolidation in the Security IndustryNew Web Attack Platform Draws AttentionWhat is the Value of Your Credit Card Details?Apple Release New Point ReleaseMicrosoft Movements With Widespread EffectsHiding What is in use on VistaYahoo! Founder Steps Back in as CEOProblems in Custom Search EnginesThe Art of Seeing What's Not ThereGaming the System = $1,000,000 USD?An Apple a DayMicrosoft's June Security Patch ReleaseFrom Release to Attack in a Few HoursMore Results From the Month of Search Engine BugsInformation Security Expert MovesI Know What You Did Last VisitRecent Yahoo! Messenger Vulnerabilities Attract AttacksThis is not a Real Security UpdateJune 2007 Microsoft Security Patch Advance NotificationRisks of Persistent StorageTech Community Pressure Helps get Case Turned OverWeb Servers as Viewed by GoogleMOSEB UnderwayDeveloping Safe Sites is HardMisidentification HurtsCity Loses Funds After Systems InfectedAntivirus Vendors and Filtering VulnerabilitiesWhen Good Intentions go Bad - May - April - March - February - January20062005

Focussed Advisories

Reach Us:

Reach us at
info@beskerming.com

Reach us via IM

Jabber:
Server - jabber.org.au Account - Sunnet.Beskerming

AIM / iChat:
sunnetbeskerming

ICQ:
339742914

Google Talk:
Sunnet.Beskerming

Yahoo! Messenger:
sunnet.beskerming

MSN:
info@beskerming.com

Testimonials

"...extremely timely, accurate reporting..."

"...honesty which is refreshing..."

Copyright © 2005-2008 Sûnnet Beskerming Pty. Ltd. Design by Andreas Viklund.