AQTRONIX WebKnight is an application firewall for IIS and other web servers and is released under the GNU General Public License

In the pursuit of accurate statements about application security, Ory Segal took a new shot at Beehive, the last bulletin board which I considered bug free in 2006. Well it didn’t take him long to find not one, not two but three new Beehive XSS vulnerabilities . I have installed Beehive 0.71 and indeed the vulnerabilities are confirmed.

he BBpress authentication page (bb-login.php) is home of a XSS vulnerability.

The guys at www.security-database.com keep a close eye on hundreds of security tools and they provide free access to the tracking database so that you know exactly which tools you need to update before starting your assessment projects.

REMO, a project to build a graphical rule editor for ModSecurity with a positive/whitelist approach.

I decided to take a look at today’s top 10 bulletin boards and see how many security vulnerabilities have been published in the last 12 months by Secunia.

Without further ado, here is the flash version of my presentation : E-Banking Web Application Security.

Andrew van der Stock announced the availability of OWASP Top 10 2007 .

This Web Security Trends Report presents new research and statistical breakdowns illustrating the universal nature of malicious code, as well as exposing the presence of malicious code on webpages translated by online translation services.

6 days after Wordpress 2.2 release, Janek Vind has discovered a SQL injection vulnerability in WordPress 2.1.3, which can be exploited to conduct SQL injection attacks.