Archive for January, 2011

Egyptians Use Low-Tech Gadgets to Get Around Communications Block

January 28th, 2011 by

Chris Weber discusses how “Egyptians Use Low-Tech Gadgets to Get Around Communications Block” with FoxNews.com

Is the Internet Running Out of Room?

January 27th, 2011 by

Samuel Bucholtz discusses the implications of IPv4 depletion and the IPv6 transition in “Is the Internet Running Out of Room?”

What Would You Do If Your Computer Got Hacked?

January 25th, 2011 by

Chris Weber and Jason Glassberg on Seattle’s Q13 Fox News story “What Would You Do If Your Computer Got Hacked?”

Microsoft SDL Release Phase: Security Practices

January 18th, 2011 by

Jason Glassberg, Co-Founder, Casaba, discusses the three security practices of the Microsoft SDL Release phase. Jason talks about planning for post-release contingencies by creating a well-thought-out incident response plan, then stresses the importance of applying a Final Security Review, its outcomes, and the mitigation of any outstanding issues. Finally, he discusses archiving all pertinent information and data to allow for post-release servicing of the software.

Which E-mail Service is Safest?

January 11th, 2011 by

Chris Weber’s article on “Which E-mail Service is Safest?” goes online. Explore the key differences between Hotmail, Gmail, Yahoo Mail, and Facebook and some of the alternatives such as Hushmail and Countermail.

Grading Steve Ballmer

January 6th, 2011 by

Jason Glassberg speaks about “Grading Steve Ballmer” on CNBC

X5S V2.0…. it’s coming!

January 3rd, 2011 by

So, it’s been a while since we’ve done any public updates to X5S. Over the last year, I’ve improved the algorithm and process significantly. Be on the lookout, it should be released within the next couple of weeks (Sometime in Jan. 11).

Some of the improvements include:
* Better Algorithms for doing checks
* Better output format .. Now uses a tree view.. Going to add better support for reporting too..
* Cleaner UI (Easier to use)
* Re-factored the code to be cleaner/make more sense and easier to maintain. It’s much easier to understand/work with.. before was mostly prototyped code/ Alpha code.
* Changed how test cases are defined for more control over the types of injects
* Added a fuzzing mode that will take data from a file and inject it where canaries would normally be injected. (This can be slow with lots of injections)
* Added a replay from Fiddler capture.. (Replays the capture while fuzzing/injecting on the requests).
* many many more minor/significant changes.. =)

Check back soon for a release date!