Full Disclosure mailing list archives

Re: Fw: [WEB SECURITY] Application Security Program

From: <c0redump () ackers org uk>
Date: Fri, 30 Jun 2006 09:39:56 +0100

Google "STRIDE" and "DREAD" in terms of computer security;http://wiki.okopipi.org/wiki/Security_concerns


-- c0redump

----- Original Message -----From: huan chen

To: full-disclosure () lists grok org uk
Sent: Friday, June 30, 2006 3:40 AM
Subject: [Full-disclosure] Fw: [WEB SECURITY] Application Security Program


forwarding to this list for opinion...

----- Original Message -----From: "huan chen" <ktriv3di () msn com>

To: "Web Security" <websecurity () webappsec org>
Sent: Thursday, June 29, 2006 3:51 PM
Subject: [WEB SECURITY] Application Security Program

List,
We are trying to design a big picture information security program for outorganization. The goal is to concentrate on application security. Subtasks should include stuff like policy gap analysis, pen test balc box andwhite box, etc. The goal is to do all the activities and measure progresson an yearly basis/
Are thier any existing frameworks? Anything that has worked / not workedfor you guys?
Thanks


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html

Hosted and sponsored by Secunia - http://secunia.com/


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Current thread:

Fw: [WEB SECURITY] Application Security Program huan chen (Jun 29)
- WIKI / Sharepoint managed service huan chen (Jun 29)
- Re: Fw: [WEB SECURITY] Application Security Program c0redump (Jun 30)