WASC Releases Web Security Threat Classification

[Jeremiah Grossman <jeremiah () whitehatsec com>]

Web Application Security Consortium Establishes Official Charter and 
Delivers Web Security Threat Classification

Group Promotes Industry Standard Terminology of Web Security Threats

Web Application Security Consortium (WASC), a group dedicated to 
developing and promoting "security standards of best practice" for the 
World Wide Web, announced the completion of the WASC official Charter 
and Web Security Threat Classification.

The Web Security Threat Classification is a cooperative effort to 
clarify and organize the threats to the security of a Web site. The 
members of the WASC created this project to develop and promote 
industry standard terminology for describing these issues. With the 
creation of the Web Security Threat Classification, application 
developers, security professionals, software vendors and compliance 
auditors have the ability to access a consistent language for Web 
security related issues.

Our first release of the Threat Classification document is available 
for download here:

http://www.webappsec.org/threat.html


Regards,

Jeremiah Grossman
WASC Spokesman