Posts marked with “security”
Sandcastles & Security
After playing with Flex off and on for a couple of months, I decided I would try to break it. I’m not a security guy at heart, but I’ve listened closely and improved my own stuff, so I quickly came up with four ways that I might be able to cause problems with Flex. Here are my results with each. To be clear, it is not my goal to be a nefarious troublemaker and break everything. My goal is to find out where things could break.
ModSecurity: Why it matters to PHP
ModSecurity Handbook: The Complete Guide to the Popular Open Source Web Application Firewall by Ivan Ristic. What is ModSecurity in the first place? Why does it matter to you? What makes this book important to the practice of web application design?
Google's new microblogging tool has lots of security holes…on purpose
Google Labs, in cooperation with Google Code University, has released a new microblogging tool called Jarlsberg, and like its namesake cheese, it’s full of holes. Security holes. Google hopes you use Jarlsberg to learn best practices on how to make your own software more secure.
Netsparker Community Edition released
Netsparker is an automated security scanner which promises the elimination of false positives. How does it achieve such a result?
Possible vulnerabilities found in PHP session IDs
A new advisory warns that a lack of entropy is making session hijacking easier, but only under certain circumstances. Core developer Ilia Alshanetsky gives us the straight dope.
Month of PHP Security 2010
The Month of PHP Bugs was a unique event in the PHP landscape that fixed a large number of security issues. Now a call for papers has started for a new, larger initiative.