[Owasp-leaders] Web Service Cheaters!

Gunnar Peterson gunnar at arctecgroup.net
Fri Oct 7 00:19:44 EDT 2011


There are good reasons to use both. For one thing SSL mitigates some replay vulns that WS-*, SAML et al cant defend against.

Thanks to Sherif and Jim for putting this together

Gunnar

On Oct 6, 2011, at 11:14 PM, mark curphey <mark at curphey.com> wrote:

> Quick question : Why is everything over SSL rather that the facilities in the WS*'s ?
> 
> 
> On Oct 6, 2011, at 8:52 PM, Jim Manico wrote:
> 
>> Hello Leaders,
>> 
>> We just pushed our first version of the Web Service Security cheat sheet here:
>> 
>> https://www.owasp.org/index.php/Web_Service_Security_Cheat_Sheet
>> 
>> Thanks to Gunnar Peterson for getting us started, to Sherif Koussa for driving it home, and for that many others who helped provide content and suggestions.
>> 
>> I would be very grateful if the web service security experts in our community would take a peek (its a fast read) and provide comments. 
>> 
>> Thanks all,
>> 
>> -- 
>> Jim Manico
>> 
>> Connections Committee Chair
>> Cheatsheet Series Product Manager
>> OWASP Podcast Producer/Host
>> 
>> jim at owasp.org
>> www.owasp.org
>> _______________________________________________
>> OWASP-Leaders mailing list
>> OWASP-Leaders at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
> 
> _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders
> 


More information about the OWASP-Leaders mailing list