The live stream should go up around 1845 EDT with the show starting around 1900EDT.  Further details can be found here: http://pauldotcom.com/security-weekly/

Hope to see you there.

Seth Misenar

Not sure when this was released, but I am sure that it was pretty recently.  From the title I wasn’t really expecting much, but was pleasantly surprised by the clarity with which the tips were explained.  Frank Kim and Ed Skoudis co-authored this pithy 6 page paper.

Here is the description from the SANS Reading Room:

Many web application vulnerabilities are a direct result of improper input validation and output filtering, which leads to numerous kinds of attacks, including cross-site scripting (XSS), SQL injection, command injection, buffer overflows and many others. This article describes some of the best defenses against such attacks, which every Web application developer should master.

This offering looks to be part of a new series from SANS entitled, Working Papers in Application Security. I am looking forward to future papers if they are written as lucidly as this one.

Good work, Frank and Ed.

Here is the link to get the document: http://www.sans.org/reading_room/application_security/protecting_web_apps.pdf

SEC401: Security Essentials
3/23/2009-3/28/2009

SEC538: Web Application Pen Testing Immersion
3/29/2008-3/30/2009

SEC542: Web Application Penetration Testing
5/11/2009-5/16/2009