Welcome (Logout) Login or Register

Neil Smithline: Publications

Lead author beginning work on OWASP.org's 2009 Top 10 Secure Coding Practices.
Key reviewer and contributor for OWASP.org's Top 10 2007 Web Vulnerabilities.
CSOOnline Article: Attack Dangers Posed by 'Innocent' Files.
Weblogic Developer's Journal Article Discussing WebLogic Server Extensions to JEE Security
Writing Secure Enterprise Applications, BEA's dev2dev site, July 2005.
BEA Blog, My blog written while working at BEA Systems.

1. No-Risk Security Assessment
Read about our low-priced No-Risk Security Assessment — Only pay if you are satisfied.
2. Free Web App Security Quiz
We offer a free, 10 question Web Application Security Quiz covering topics in the OWASP.org's 2007 Top Ten Web Vunerabilities. Detailed explanations for every wrong answer. Take the quiz. Have your friends take it. Compare your scores with them — if you dare...

Google Chrome: A demonstration of how inadequate process can defeat any technical expertise
by Neil Smithline Google's introduction of the Chrome browser has demonstrated the negative ramifications on security that occurs from insufficient process.
Vista's Slow Adoption Raises Security Concerns
by Neil Smithline The use of Vista in the immediate future should be for non-critical systems until it sees a longer and stronger adoption to shake out the most obvious security vulnerabilities.
Web Seen as Lacking Even in Basic Security
82% of Sites Have Security Flaws, 61% Have Serious Security Flaws
Attack Dangers Posed by 'Innocent' Files
A carefully designed data file (eg: a .doc file or .gif) can leverage vulnerabilities in the programs that open them and become vectors for the spread of potentially harmful viruses.
Confidential Data: You're Giving Away Your Corporate Secrets!
"Innocuous" data can lead to a major break-in. Most sites need to radically redefine their definition of "sensitive data".