Via Hac.kers.org -
I was wondering how long it would take for someone to make the suggestion, and a few days ago it finally happened - someone made the suggestion that I write a book on XSS. The idea would be to write a book that anyone could pick up and use as a reference to understand and combat XSS attacks. Whelp, as it turns out, I’ve been doing just that for months now. Yup, the people on the forum outed us.
Several months ago Syngress Publishing asked a few people to help contribute to a book on XSS. The contributing authors are Jeremiah Grossman, Anton Rager, Seth Fogie and yours truly. We are still several months away from completing the book, but we are well on our way. Sorry I didn’t tell you all earlier, but I was just finally allowed to start talking about it.
I’ll let you all know as the date gets closer. But if I’m not super quick on the posts and answering email, that’s part of what’s going on - too many irons in the fire these days.
-------------------------------------------------
This book is long overdue...but it will be a welcome sight to many programmers and managers struggling with fighting the XSS war. XSS isn't just vulnerability, it is a security pandemic.
Plus you couldn't find a better group of people to write the book. I am looking forward to this one. Hopefully the book will provide strong guidelines for programmers.
I still see programmers attempting to use blacklist to kill XSS and SQL injections. Of course, this never works.
No comments:
Post a Comment