Penetration Testing mailing list archives
SIFT Web Services Security Testing Framework
From: "Daniel Grzelak" <daniel.grzelak () sift com au>
Date: Mon, 13 Nov 2006 14:21:19 +1100
SIFT has released a new Intelligence Report titled 'A Web Services Security Testing Framework'. The framework covers the entire web services security testing process incorporating detailed threat modelling, scoping and planning methodologies tailored specifically for web services applications. It also provides a structured approach to assessing the security of a web service through an application-level penetration test and aims to deliver a repeatable means for security assurance. A primary goal of this framework is to stimulate community interest and drive the further development and adoption of structured security assurance methodologies for web services. We welcome mailing list subscribers to review the paper and will endeavour to incorporate feedback in future versions of the framework. Please send feedback and suggestions to research () sift com au. The paper is available for download from the SIFT website: http://www.sift.com.au/36/175/a-web-services-security-testing-framework.htm ------------------------------------------------------------------------ This List Sponsored by: Cenzic Need to secure your web apps? Cenzic Hailstorm finds vulnerabilities fast. Click the link to buy it, try it or download Hailstorm for FREE. http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW ------------------------------------------------------------------------
Current thread:
- SIFT Web Services Security Testing Framework Daniel Grzelak (Nov 13)