Web Security - what do you do?

[Greg Vickers <g.vickers () QUT EDU AU>]

Hi all,

The QUT IT Security Program is undertaking the Web Security project,
which will review the security of the QUT web presence.  This project
encompasses our current tools, procedures and practices (including
development and training approaches).  We will investigate tools that
could be leveraged to improve the security of the web presence at QUT,
such as:

* Web server scanning tools,
* Tools to better manage web infrastructure, e.g., cPanel and other web
host managers.
* Web application development training and certification,
* Other technologies to find web servers with vulnerabilities.

This project is not looking directly at the security of the web servers
themselves, (i.e. operating system level) but at the security of the web
server applications and the actual web site code.  We would like to know
what tools, training, standards and developmental activities, etc, that
your University or higher education institution use in this space.

If further clarification is required, please contact the project manager
at QUT, Greg Vickers (+61 7 3138 6902), email: g.vickers () qut edu au

Thanks,
--
Greg Vickers
Phone: +61 7 3138 6902
IT Security Engineer & Project Manager
Queensland University of Technology, CRICOS No. 00213J