Developing Safe Sites is Hard
Developing safe websites is a difficult task for any developer, so when the experts are caught developing and operating sites that are vulnerable to attack, it is a timely reminder that keeping systems safe against potential attack takes a lot of work.
It was recently disclosed that the Internet Storm Center (part of SANS) was vulnerable to an XSS attack through the search box on the site. While there are many, many sites vulnerable to XSS attacks, public acknowledgement of the issue by site administrators is rare. The developer's initial reaction of scepticism and denial provides an insight into how a significant percentage of vulnerability notifications proceed - ignorance or dismissal of the report, even more so from those who are 'experienced' or 'expert' security personnel.
4 June 2007
Social bookmark this page at eKstreme.
Alternatively, Bookmark or Share via AddThis
Do you like how we cover Information Security news? How about checking out our company services, delivered the same way our news is.
Let our Free OS X Screen Saver deliver the latest security alerts and commentary to your desktop when you're not at your system.
Comments will soon be available for registered users.