good article, got me nostalgic for when I was doing app testing 4 years back, for a while. But the content is stale (no offense) it has been reproduced in many articles. Maybe we ought to take web application security to the next level, where we are thinking more in terms of process and procedures for implementing such things in different stages of the project and have more and more whitepapers in that direction.

[ reply ]

Link to this comment: http://www.securityfocus.com/comments/infocus/1864/548#548