SBN

Creating a Web Application Vulnerability Management Program

Continuous web application vulnerability scanning isn't a standard practice. It should be! Here are my thoughts on making it happen.

Continuous Integration Security Testing

A comparison of 4 free and open source web application vulnerability scanners for inclusion in a continuous integration (CI) process for automated security testing.

PCI DSS Compliance: A High Level View

These are my high level notes for completing a self-assessment questionnaire (SAQ) for PCI DSS compliance for an SMB. From figuring out what merchant level you are, to determining scope, to reporting your results to your acquiring bank - here's how to get it done.

Detecting SQL Injection Vulnerabilities

How to detect SQLi vulnerabilities, examples of web application errors that indicate SQLi, and an introduction to web application vulnerability scanners.

SQL Injection Defined

What SQL injection is, implications of SQLi, how prolific the issue is, and a few real world examples of SQLi attacks.

Breaking Into Web Application Security

A collection of resources to answer the question "how do I get into information security?"

Detecting Cross Site Scripting Vulnerabilities

You can find XSS vulnerabilities in a variety of ways, including manual testing, proxying web traffic, browser extensions, and web application vulnerability scanners.

History of Cross Site Scripting

XSS attacks were first seen almost immediately after JavaScript was released, but exploded after Samy brought down MySpace. Today, it is at the top of OWASP's list of web application security risks.

Cross Site Scripting Defined

What XSS is, types of XSS, how prolific the issue is, and a few real world examples of XSS attacks.

Manage Your ASSets: NMAP Automation

I have automated, weekly NMAP scans that run, compare the results against the previous week's scans, and email me with what has changed on my network.

Where to Find Me

NoVa OWASP: April 11

The NoVa chapter of OWASP is meeting on 4/11. Topic: Impact of IPv6 On Your Applications.

ISSA Meeting: February 21

NoVa ISSA Chapter Meeting! Topic: The Beauty of Surveillance.

Security MBA: January 7

Come and enjoy some security news while drinking an icy cold refreshment.