Ten of the Application Security industry's coolest, most interesting, important, and entertaining links from the past week -- in no particular order.
- WASC Threat Classification v2.0 & OWASP Top Ten Mapping
- Thoughts on an AppSec Program (p1, p2, p3, p4, p5)
- Mr Bean replaces Spanish PM on EU presidency site
- Hacker pilfers browser GPS location via router attack & XSS PoC
- Looking at what makes good Application Security knowledge
- Research page on Web Security Ratings and Disclosure Policies
- NAT Pinning & NoScript's ABE
- Secure Storage using the OWASP ESAPI
- Java EE 6: Web Application Security made simple!
- Ruby on Rails: Secure Mass Assignment