[Owasp-leaders] Web Service Cheaters!

mark curphey mark at curphey.com
Fri Oct 7 00:32:26 EDT 2011


Anyway to call that out as I didn't know that and find it super valuable to now know?
On Oct 6, 2011, at 9:19 PM, Gunnar Peterson wrote:

> There are good reasons to use both. For one thing SSL mitigates some replay vulns that WS-*, SAML et al cant defend against.
> 
> Thanks to Sherif and Jim for putting this together
> 
> Gunnar
> 
> On Oct 6, 2011, at 11:14 PM, mark curphey <mark at curphey.com> wrote:
> 
>> Quick question : Why is everything over SSL rather that the facilities in the WS*'s ?
>> 
>> 
>> On Oct 6, 2011, at 8:52 PM, Jim Manico wrote:
>> 
>>> Hello Leaders,
>>> 
>>> We just pushed our first version of the Web Service Security cheat sheet here:
>>> 
>>> https://www.owasp.org/index.php/Web_Service_Security_Cheat_Sheet
>>> 
>>> Thanks to Gunnar Peterson for getting us started, to Sherif Koussa for driving it home, and for that many others who helped provide content and suggestions.
>>> 
>>> I would be very grateful if the web service security experts in our community would take a peek (its a fast read) and provide comments. 
>>> 
>>> Thanks all,
>>> 
>>> -- 
>>> Jim Manico
>>> 
>>> Connections Committee Chair
>>> Cheatsheet Series Product Manager
>>> OWASP Podcast Producer/Host
>>> 
>>> jim at owasp.org
>>> www.owasp.org
>>> _______________________________________________
>>> OWASP-Leaders mailing list
>>> OWASP-Leaders at lists.owasp.org
>>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>> 
>> _______________________________________________
>> OWASP-Leaders mailing list
>> OWASP-Leaders at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>> 



More information about the OWASP-Leaders mailing list