Security Basics mailing list archives
Re: Question about a book
From: Brent Huston <lbhlists () gmail com>
Date: Fri, 4 Jan 2008 12:25:11 -0500
I would skip the book if you are going to do risk assessment instead of application assessments... A better guide would likely be the high level OWASP stuff at http://www.owasp.org.
--- Brent Huston, CHS-III Security Evangelist & CEO http://www.microsolved.com Assessments, Application/Device Security & HoneyPoint On Jan 4, 2008, at 8:24 AM, Worrell, Brian wrote:
Has anyone read the book "The Web Application Hacker's Handbook Discovering and Exploiting Security Flaws"? If so, what do you think about it? Soon I will have to do Risk Assessments of our Web Applications that we are going to deploy, andneed something that would help me when it comes to the most common testsor vulnerabilities.Knowing that there are many options, if this book is not very good, doesanyone else know of a resource for Web App assessments? Thank you, Brian Worrell Information Security Manager and Security Officer Office of HIPAA Compliance Indiana State Department of Health 2 North Meridian Street Indianapolis, IN 46204 o: (317) 233-4945
Current thread:
- Question about a book Worrell, Brian (Jan 04)
- Re: Question about a book Brent Huston (Jan 04)
- Re: Question about a book Bipin Upadhyay (Jan 07)
- <Possible follow-ups>
- Re: Question about a book Sheldon Malm (Jan 04)
- Re: Question about a book Brent Huston (Jan 04)