
Archive for the ‘Application Security’ Category

Clickjacking

October 6th, 2008 Michael Farnum

This post has no technical value.  Just experimenting with how much traffic I can get by putting the term “clickjacking” in a post. :)

But seriously, if you want to know anything about it, go listen to Martin’s podcast interview with Jeremiah and RSnake.  You can also go over to Computerworld and take a look at the Q&A.

So…

clickjacking…

clickjacking…

clickjacking…

RSnake

Robert Hansen

Jeremiah Grossman

WhiteHat Security

SecTheory LLC

OWASP

Vet

Pwned customer Still running rampant

March 12th, 2008 Michael Farnum

I went out to see one of our customers this week who had their web app pwned a while back.  This is the second client since I have been with Accuvant that we were trying to help via our security assessment services who got smacked around before they could make up their mind to spend the money or not.  It has been several weeks since they were attacked, and they are still running around like school girls with their hair on fire. 

Yes, they are making a lot of progress (much of it due to us having a couple of guys helping them out for the last 4 weeks).  But the point is that they could have avoided all this craziness and stress if they had made the right choice in the first place.  Like I have said in the past, business decisions have to be made.  But when you are a financial company that serves a lot of customers, you need to make sure due diligence is performed.  Sitting on your hands is not an option.

Vet