Articles in Palisade
All articles are grouped into the three categories below. Click an individual link to go to that article, or click a category name to go to its category page, which lists article summaries.
Features
- Defend against Reverse Engineering
- URL Redirection Flaw
- Virtualization – the promised land?
- Mobile Banking Architecture
- Back to Basics: Http Essentials
- Smart Questions for Customer Reference Checks
- HTTP Request Smuggling
- Session Riding Attacks
- Understanding SSL VPN
- The reign of bots
- Pharming on the Net
- Interview: The Challenges of Security Testing
- Security Architecture for Multi-Tier Applications
- Interview: What works in Training Security Testers
- Datamonitor Survey on Software Security Testing
- All About Steganography
- Web Application Honeypots
- Built-in Intrusion Detection
- Integrating Smart Cards in Web Applications
- Preventing Buffer Overflows
Technical Articles
- Cache Control Directives Demystified
- CSRF - The hidden menace
- Common mistakes in two-tier applications
- Wi-Fi Protected Access
- Mobile Banking Architecture
- Back to Basics: Internet Cookies
- Application Penetration Tester's Toolkit
- Securing Web Based Payment Systems
- ASP Session Cookies
- Wireless Security - Cracking WEP
- Wireless Security - How WEP works
- Insecurities in Healthcare Applications
- SaaS Security Testing - The Challenges
- Anti-phishing - Incident Response
- Anti-Phishing Techniques - Detection Measures
- HTTP Request Smuggling
- Anti-Phishing Techniques - Protection Measures
- More on dodging spiders
- Are stored procedures safe against SQL injection?
- Dodging the spiders
- Browser Hijackers
- LinkDemand and InheritanceDemand
- Distributed Reflection Denial of Service: A Bandwidth Attack
- Thick Client Application Security - Attacks
- Security issues in 'Remember Me' feature
- Assert Safely: How to use .Net's Assert wisely
- Rainbow Cracking and Password Security
- Two Factor Authentication
- PHP Security - Securing the environment
- Defeating Bots with CAPTCHAs
- Securing Documents in Web Applications
- Security in SMS Banking
- Implementing SSL
- Code Obfuscation Part 3 - Hiding Control Flows
- Understanding SSL
- Code Obfuscation - Part 2: Obfuscating Data Structures
- SMS Banking
- Using browser refresh to expose passwords
- Code Obfuscation
- Secure your sessions with Page Tokens
- Security Enhancements in Visual C++
- Google Hacking - Is your web application secure?
- XPath injection in XML databases
- Cryptanalysis: Collision attack in Hashing
- Security Reverse Proxy
- Steganalysis
- Fighting Keyloggers
- Source Code Analyzers
- Backdoors and Trojans in Applications
- Introduction to Code Obfuscation
- Of Captchas, Gimpys and BaffleText …
- Same User, Different Privileges
- Securing Database Connection Strings
- Automated Application Vulnerability Scanners
- Passwords - In Memory Still Green
- Threat Modeling
Best Practices
- The Payment Application Data Security Standard (PA DSS)
- Mobile Banking - Threats and Mitigation
- Phishing Questions
- 5 Tips for Securing Software as a Service
- Securely Webifying Applications
- Securing IIS Web Servers
- Are Complex Passwords Really Necessary?
- Securing Apache Web Servers
- Thick Client Application Security - Defenses
- Pharming on the Net
- Implementing Password Recovery
- Interviewing software developers
- Encrypting data in Databases
- Selecting Application Security Vendors
- Best Practices in Input Validation
- Catch'em Young - How to discover vulnerabilities early
- Application Logs - Security Best Practices
- Controls for Outsourcing Software Development
- Training your Developers
- Security at Software Requirements Specification
- Authentication - Security Best Practices