Scribd Logo
Upload

Welcome to Scribd!

  • Web App Security JP

    Uploaded by

    mbahpingah
    80 views7 pages
    Web App Security Jp

    Original Title

    Web App Security Jp

    Copyright

    © Attribution Non-Commercial (BY-NC)

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    Web App Security Jp

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    80 views7 pages

    Web App Security JP

    Uploaded by

    mbahpingah
    Web App Security Jp

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 7

    WEB :

    DANNY ALLAN

    .................................................................................................................................... 1
    .................................................................................................................................... 1
    ................................................................................................................ 2
    .................................................................................................................... 2
    .................................................................................................................... 3
    .................................................................................................................................... 3
    .................................................................................................................................... 3
    ............................................................................................ 5

    Copyright 2006 Watchfire Corporation. All Rights Reserved. WatchfireWebXMBobby


    AppScanPowerToolsBobby Flame Watchfire Corporation

    Watchfire Watchfire

    www.watchfire.com

    90% Web 175% HTTP/S


    Web
    80 443

    Web

    Web

    1
    Web

    o
    o

    o
    o


    Web 1999 2 Web
    Web
    Web

    1
    2

    http://www.imperva.com/company/news/2004-feb-02.html
    http://patft.uspto.gov/

    Copyright 2006. Watchfire Corporation. All Rights Reserved.

    Web 2
    XSS

    2002
    Microsoft Hotmail 3 1

    Microsoft
    Hotmail 4 1
    30

    70
    5 1
    2,000 30 x 70 XSS
    1 80%
    6
    Web

    100%

    URL
    JavaScript

    URL ID Web

    Web

    http://www.computeruser.com/news/02/02/13/news2.html
    https://accountservices.passport.net/reg.srf?roid=2&sl=1&vv=310&lc=1033
    5 http://ha.ckers.org/xss.html
    6 http://www.imperva.com/company/news/2004-feb-02.html
    3
    4

    Copyright 2006. Watchfire Corporation. All Rights Reserved.

    Web

    IDC


    Web


    A
    B C B
    A C

    100 Web 7

    36% Web

    17 % Web

    46 % Web

    80 20 80 % 20 %
    80% 1

    Web

    http://www.webappsec.org/lists/websecurity/archive/2005-06/msg00014.html

    Copyright 2006. Watchfire Corporation. All Rights Reserved.


    Web

    Web

    Web

    Copyright 2006. Watchfire Corporation. All Rights Reserved.

    Web
    AXA FinancialSunTrustHSBC
    VodafoneVeteran's AffairsDell 500

    HP/IAPP InfoSecurity Product Guide 2006
    Computerworld Computer Reseller News 2006
    SC Magazine
    IDC Web
    IBM
    PricewaterhouseCoopersTRUSTeMicrosoftInterwovenEMC Documentum and Mercury
    Massachusetts Waltham
    www.watchfire.com

    Copyright 2006. Watchfire Corporation. All Rights Reserved.

    You might also like