Tag Archives: OWASP

Rip van Security

Ripvanwinkle.jpg Gunnar Peterson asks a question:
…how do you primarily rely on network security as we have done for the Web’s life, when the Cloud abstracts the network away?
Gunnar points out IT security has been using firewalls and SSL as primary security for every network acccess software change since 1995.
In 1999 when SOAP emerged as a firewall-friendly protocol designed for the explicit reason to go through the firewall, that should have been a wake up call to Information Security that the “firewall + SSL” security architecture was past its prime, but here 10 years later we are still hitting the snooze button.
Here many years after we lost email for everybody but aging geeks and banks, IT security continues to snooze like Rip van Winkle. While the world changes around it: Continue reading