Jul 23 2014
Web apps appear to have become less susceptible to attack, with attacks having decreased continuously since the previous year. Application-layer attacks represent only 11% of the attacks. However, the attacks are more significant, with bots being installed on the servers and then used to attack other networks. With the advent of cloud hosting, it is more difficult for companies to block or blacklist a network, due to the changing nature and growth of sites being hosted on cloud providers.

Malicious Code Injection: It's Not Just for SQL Anymore

Oct 19 2006
More and more, developers are becoming aware of the threats posed by malicious code, and SQL injection in particular, and by leaving code vulnerable to such attacks. However, while SQL is the most popular type of code injection attack, there are several others that can be just as dangerous to your applications and your data, including LDAP injection and XPath injection. While these may not be as well-known to developers, they are already in the hands of hackers, and they should be of conc...

Beyond Stored Procedures: Defense-in-Depth Against SQL Injection

Jul 26 2006
A few years ago, mentioning the phrase "SQL Injection" to developers or asking to adopt a "defense-in-depth" strategy would probably get you a blank stare for a reply. These days, more people have heard of SQL Injection attacks and are aware of the potential danger these attacks present, but most developers' knowledge of how to prevent SQL Injection is still inadequate, and when asked how to defend their applications against SQL Injection, they usually reply, "That's easy, just use stored procedures." As we will see, using stored procedures is ...

Create, Export & Encrypt Connection String on Server and Dev Machine with ASP.Net 2.0

May 25 2006
By Steve Schofield. This article covers some basic steps and commands to encrypt your connection string and other items in a configuration file using ASP.NET 2.0. Microsoft has made it easier to have a portable key that encrypts certain sections in a web.config that are normally clear text. I have not found a quick how-to reference to allow for a scenario where the key is both on a local development machine along with being on a remote web server. Developers like to test out their code locally before publishing to production. In...

Lock the Controls Down on a Page

Feb 21 2006
The following blocks of code will provide you with a method of iterating through all the controls on a page and performing some change on the properties of the control. In this particular example, we wanted to provide a simple means of locking controls down to users who did not have edit permissions in the application. This allowed the data to still be viewable to the user, but gave them no means to edit the information. Implementing the class is fairly easy; the security mechanisms are all contained within a single class called Security.vb. Conta...
