Web Application Security
Back to list
*Note: Email address will appear as "user domain ext" to prevent harvesting.
Re: hard-to-sell vulnerabilities
Dec 23 2010 12:35AM
Guillermo Caminer (flaco webappsec gmail com)
You can show to your client the sensitive data (SSN) stored in the Web Server logs.
On 12/22/2010 04:36 PM, Alex Vargas wrote:
> I would look at it from an audit point of view. Are they
> healthcare? If so it is obvious that they are passing PHI because of
> the bliant use if a variable ...
[ more ]
Copyright 2010, SecurityFocus