Danny Tech Security

WebGoat is a deliberately insecure J2EE web application maintained by OWASP designed to teach web application security lessons. In each lesson, users must demonstrate their understanding of a security issue by exploiting a real vulnerability in the WebGoat application. For example, in one of the lessons the user must use SQL injection to steal fake credit card numbers. The application is a realistic teaching environment, providing users with hints and code to further explain the lesson. From http://www.owasp.org/index.php/Category:OWASP_WebGoat_Project WebGoat is a platform independent environment. It utilizes Apache Tomcat and the JAVA development environment. The only thing required from the user is Java which can be downloaded from http://java.sun.com/downloads/ . Webgoat allows the user to practice in a safe environment with in the user’s network and webgoat can be run in Windows Linux, or MAC OS X. First let’s download the latest copy of webgoat http://code.google.com/p/webgo

The Author: Toni Bowers talks about how some companies don’t see the value of proper end-user training. They’re willing to pay thousands of dollars for a new product that is supposed to improve productivity but aren’t willing to do the one thing that will help with that product’s adoption in the enterprise. A good end-user training strategy will make new software deployments more cost effective. It is good post to read on your down time. http://blogs.techrepublic.com.com/career/?p=2152&tag=main;banner