Friday | 10 July, 2009
CSO
Watch out for PHP holes
Poorly written PHP sites are a target of attacks
Deb Radcliff (CSO (US)) 24/01/2007 09:28:56

What to do

1. Web application filters are a good first step to protecting your Web applications from malicious tampering, but they don't catch everything. Bill Boni strongly recommends ongoing training in coding best practices for all Web developers regardless of the development language they use. "Code reviews, application-level security scanning and rigorous security testing against your Web applications are all essential," he adds.

2. Keep your browsers patched and updated, since the malicious code gets in through vulnerabilities in the browser, Chris Shiflett says. "If you can, get on a less used and less targeted browser, a really solid and mature browser like Opera, Safari or Firefox," he says.
