Monday, January 21, 2008
Technology Risk - IT Risk Career Certifications
Information Security - CISSP -
https://www.isc2.org/cgi-bin/content.cgi?category=97
Information Privacy - CIPP -
https://www.privacyassociation.org/index.php?option=content&task=view&id=36&Itemid=85
Fraud Review - CFE -
http://www.acfe.com/Membership/become.asp
IT Audit - CISA /CISM -
http://www.isaca.org/Template.cfm?Section=Certification&Template=/ContentManagement/ContentDisplay.cfm&ContentID=19934
Internal Audit - CIA -
http://www.theiia.org/certification/certified-internal-auditor/
IT Infrastructure - ITIL -
http://www.itil-officialsite.com/home/home.asp
Business Continuity and Disaster Recovery - CBCP -
http://www.drii.org/DRII/Courses/certification_overview.aspx
https://www.isc2.org/cgi-bin
Information Privacy - CIPP -
https://www.privacyassociation
Fraud Review - CFE -
http://www.acfe.com/Membership
IT Audit - CISA /CISM -
http://www.isaca.org/Template
Internal Audit - CIA -
http://www.theiia.org/certifica
IT Infrastructure - ITIL -
http://www.itil-officialsite
Business Continuity and Disaster Recovery - CBCP -
http://www.drii.org/DRII
Thursday, January 10, 2008
XSS Hu la la :-)
From Mark Curphey's blog ::
"
"
"
From the Office of "Real World Software Security"
When a customers development team was recently asked to use the AntiXSS library, validate input and encode output for their web interface they replied (and I quote) “we do not use cross site scripting”.
If any customer ever asks the single most effective thing to affect a positive change on their software security security program I always respond with education and awareness. Pound for pound, dollar for dollar it is the most effective tool anyone has.
"
Labels:
Cross-Site Scripting,
Information Security,
Security,
XSS
Subscribe to:
Posts (Atom)