Covering J2EE Security and WebLogic Topics

OWASP

Have you seen The Open Web Application Security Project (OWASP) site? If not, you’ll be amazed at the wealth of information they freely provide. Here’s a sampling:

  • Read the Top Ten Web Application Security Flaws to learn not only about common security oversights but also how to correct them.
  • The in-depth Guide to Building Secure Web Applications is a must-read for any developer. It’s long, detailed, and incredibly good.
  • It’s easy to talk theory about exploits and even to code defensively for them. But nothing will drive home the concepts like actually performing the exploits. For a safe, guided walkthrough of common web application exploits, take WebGoat for a spin. WebGoat is a sample application that lets you play the hacker, effectively demonstrating the problems caused by insufficient security measures and how a hacker can leverage weaknesses. It’s quite eye-opening.

OWASP also covers many other subjects related to web application security. Check it out today.