{"id":2002,"date":"2003-10-29T00:00:00","date_gmt":"2003-10-29T00:00:00","guid":{"rendered":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/2003\/10\/29\/xml-a-growing-security-threat\/"},"modified":"2021-12-30T11:40:27","modified_gmt":"2021-12-30T11:40:27","slug":"xml-a-growing-security-threat","status":"publish","type":"post","link":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/2003\/10\/29\/xml-a-growing-security-threat\/","title":{"rendered":"XML: A Growing Security Threat?"},"content":{"rendered":"

According to Gartner, most large firms already have or are planning some kind of Web services project within the next year.<\/p>\n

One of the lures of Web services is the ease of exchanging data in XML format.<\/p>\n","protected":false},"excerpt":{"rendered":"

Gartner says almost 70 percent of companies view security as a barrier to Web services deployment.<\/p>\n

To assess the state of XML security today as it pertains not only to Web services but also to the latest Office software, Security Strategies spoke with John Lilly, the chief technology officer of Reactivity, which just announced the latest generation of its XML firewall.<\/p>\n

And though customers are using them, as you know, in security, people don’t like to talk about what they’re doing.<\/p>\n

The cost reductions and revenue enablement are so steep that some companies are going in without any security.<\/p>\n

The good news is that because Microsoft moved to a mostly open standard for XML documents, you can be a bit more proactive about pulling those documents apart and seeing if there’s anything malicious or not.<\/p>\n

Also Microsoft’s use of XML for sharing, collaboration, and updates will create more accidental XML traffic—the organization doesn’t necessarily know it’s there until they look.<\/p>\n

More info: [url=http:\/\/www.esj.com\/news\/article.asp?EditorialsID=748]http:\/\/www.esj.com\/news\/article.asp?EditorialsID=748[\/url]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[11],"tags":[],"class_list":["post-2002","post","type-post","status-publish","format-standard","hentry","category-trends"],"_links":{"self":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/2002","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/comments?post=2002"}],"version-history":[{"count":1,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/2002\/revisions"}],"predecessor-version":[{"id":4489,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/2002\/revisions\/4489"}],"wp:attachment":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/media?parent=2002"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/categories?post=2002"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/tags?post=2002"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}