Abstracts -- The OWASP Logging Project -- SQL Injection -- How Far Does the Rabbit Hole Go? -- OWASP O2 Platform -- Open Platform for Automating Application Security Knowledge and Workflows -- The Business of Rogueware -- Microsoft Infosec Team: Security Tools Roadmap -- Empirical Software Security Assurance -- Assessing and Exploiting Web Applications with the Open-Source Samurai Web Testing Framework -- Authentication: Choosing a Method That Fits -- Cloud Computing: Benefits, Risks and Recommendations for Information Security -- OWASP TOP 10 2009 -- Deploying Secure Web Applications with OWASP Resources -- Thread Risk Modelling -- Protection of Applications at the Enterprise in the Real World: From Audits to Controls -- Papers -- A Semantic Web Approach to Share Alerts among Security Information Management Systems -- WASAT- A New Web Authorization Security Analysis Tool -- Connection String Parameter Pollution Attacks -- Web Applications Security Assessment in the Portuguese World Wide Web Panorama -- Building Web Application Firewalls in High Availability Environments
Summary
This book constitutes the proceedings of the Iberic Web Application Security Conference, held in Madrid, Spain, in December 2009.