Tonight we have a meeting. My focus is mostly on application architecture, so very high level.
Examples of AS concerns are:
- Unwanted and unseen information leakage (see recent web2.0 developments)
- Cross Site Scripting attacks and other browser vulnerabilities
- Unwanted access
- Injection vulnerabilities
- Lack of input validation
- Insufficient testing on the security of an application
- Insufficient preparation and evaluation in the architecture and design
When things develop further, I'll write more on this blog.