Archive for June, 2007

AQTRONIX WebKnight - Open Source Web Application Firewall

AQTRONIX WebKnight is an application firewall for IIS and other web servers and is released under the GNU General Public License.

Microsoft KB Article on How To Hack IIS

In addressing an IIS 5 bug (CVE-2007-2815), the Microsoft Knowledge Base article #328832 went a step further in presenting the conditions needed to reproduce the issue: they provided step-by-step instructions for what is basically an exploit of the vulnerability.

Online vs. Offline Gambling

And since it’s illegal to operate an online casino business in the US, where are the datacenters and all the servers that host zillions of online gambling websites?

Beehive Zero Vulnerabilities - Myth BUSTED

In the pursuit of accurate statements about application security, Ory Segal took a new shot at Beehive, the last bulletin board which I considered bug free in 2006. Well, it didn’t take him long to find not one, not two, but three new Beehive XSS vulnerabilities. I have installed Beehive 0.71 and indeed the vulnerabilities are confirmed.

NuFW 2.2 - An Authenticating Firewall

NuFW is an enterprise-grade firewall that authenticates every single connection passing through the IP filter by transparently requesting the user’s credentials before any filtering decision is taken.

New European ICT Security Standards Roadmap

One of the objectives of this security standards portal named “ICT Security Standards Roadmap” is to provide a central tracking facility for NIS standards. It facilitates identification of standards and standardization activities, as well as coordination among standardization bodies, reduction of duplicate work and easier identification of existing gaps.

BBpress XSS vulnerability

The BBpress authentication page (bb-login.php) is home to an XSS vulnerability.

Up To Date Security Tools Watchlist

The guys at www.security-database.com keep a close eye on hundreds of security tools and they provide free access to the tracking database so that you know exactly which tools you need to update before starting your assessment projects.

NIST CSRC Special Publications June Update

NIST publications: Guidelines on Cell Phone Forensics, Guide for Assessing the Security Controls in Federal Information Systems, Guidelines on Securing Public Web Servers, User’s Guide to Securing External Devices for Telework and Remote Access, Specification for the Extensible Configuration Checklist Description Format (XCCDF).

etiolated.org - Data Loss Search Engine

etiolated.org: a highly specialized search engine for identity theft and personal data compromise incidents.
