Webcast: Hacking 101--The Top 10 Attacks in Web Applications
Learn about the three most common web application attacks, including how they occur and what can be done to prevent them.
eKit: Web Application Security
Discover how IBM Rational AppScan Standard Edition can help you detect vulnerabilities in your Web applications. The new Web Application Security eKit provides you with valuable resources, including whitepapers, demos, and additional information on the benefits of testing your Web applications.
Tutorial: Create Secure Java Applications Productively
This is the first in a two-part tutorial series on creating secure Java-based Web applications using Rational Application Developer, Data Studio and Rational AppScan.
eKit: Web 2.0 Developer
Take advantage of open, flexible Web 2.0 technologies, like social software and mash-ups. The IBM Web 2.0 Developer eKit has been updated with the latest best practices & technologies from IBM.
Groklaw: Microsoft's Calling Home Problem: It's a Matter of Informed Consent
"Lauren Weinstein broke the story on his blog. Microsoft has now put out a statement, asserting that the Windows Genuine Advantage tool is not spyware, that they're going to change it some, and that one thing that distinguishes it from spyware is that they get consent before installing it. I question the accuracy of the statement.
"David Berlind did a fabulous job of discovering that in fact the tool has two parts, one of which is new, the Notification part, as you can see in his helpful series of screenshots. First, he explains how the applications actually work. His research indicated to him that Microsoft asks permission for only one of the two, but the wrong one...."