Web Security vs. Superstition, Part 4

Web site security is a very important issue to me. I find it frustrating sometimes dealing with people who operate based more on superstition and urban legends than on solid principles.  Part 4 is about some strange behavior I have seen in security groups and other insanity. Continue reading

Web Security vs. Superstition, Part 1

Web site security is a very important issue to me. Every application, every information resource, must be built strong enough to put in the Internet, to reliably deliver information to those allowed access, and prevent delivery to those who are not.  I find it frustrating sometimes dealing with the “security experts” in IT who operate based more on superstition and urban legends than on solid principles.  Part 1 lays down the requirements for a secure web application.  Today’s post is prompted by my meeting with such a security expert. Continue reading