There is a "Webinar" titled "When Good HTML Goes Bad: How You Can Protect Your Web Applications" "This webinar highlights how modern attacks target the web browser ? and the best practices to safeguard your web applications against these risks."
and I just thought I would ask for opinions here, or should the topic be somewhere else?
This topic as far as I know doesn't have a usenet home that I'm aware of, and it is at least security related, and if you stretch it a bit, it is even firewall related to the point that there are devices called web application firewalls (WAF's) that attempt to do layer 7 filtering of http streams to try to filter on the wire common injection attacks to which a broken web app might be vulnerable. But they're far from plug and play. And heck, it's better to discuss than the general non-security computer cruft that other websites seem to be pointing to the group, so let's discuss. :-)
Web application security is indeed a HUGE liability for most companies.
However, the description of the webinar seems a bit confused. What vendor is it from?
"attacks target the web browser" is a bit different than "protect your web applications."
In one case, the target is a client/person with a web browser, and in the other case the target is the web server and the application it's running (and the data it holds).
The two attack surfaces are related though, when a web application has, say XSS or CSRF vulnerabilities that can be leveraged by an attacker to ... attack client web browsers.
Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.