Clickjacking for the Rest of Us

On almost every review we do, we cite “Clickjacking”. Developers always have one of two things to say: “What can someone really do with the exploit?”, or “So what.” I’d like to take a minute to explain a little bit about this exploit, give a quick example, and talk about a few ways to mitigate this […]

Aaron Cure presents at the Denver Visual Studio Users Group

The application layer is increasingly targeted as a vector for penetrating corporate and government infrastructures. Developers, under continuous pressure to develop applications with more functionality in shortening development cycles, have frequently had few opportunities to consider the security implications of the code they are developing. When security assessments are conducted, vulnerabilities are frequently identified but […]