WebApp Sec mailing list archives
Re: Guidlines for Testing Web Applications
From: dan cuthbert <dan () idsec com>
Date: Thu, 20 Mar 2003 18:49:12 +0000
Hi The OWASP testing team are currently working on a testing framework guide that explains from start to finish the steps needed to be taken when performing a audit on web applications more info can be found here http://www.owasp.org/testing/ dan On Thu, Mar 20, 2003 at 08:28:37AM -0500, Lecia McCalla tapped away......
All, I am a Business Analyst/Trainer at the company where I work. I am now required to assist in the testing of web applications with the focus on the security aspect. Where as I have experience in testing, I have no experience in security as it relates to web applications. Can you help me? When testing a web application with focus on security what do I look for? Are there any written guidelines that I should follow? So far I have been researching SSL and SQL Injections. Any ideas? NOTE: I am a fast learner. :-)
Current thread:
- Security Assessment on J2EE Environments Iggeres Bet (Mar 19)
- Re: Security Assessment on J2EE Environments Jeff Williams @ Aspect (Mar 20)
- Re: Security Assessment on J2EE Environments Iggeres Bet (Mar 20)
- <Possible follow-ups>
- Re: Security Assessment on J2EE Environments bugtraq (Mar 19)
- RE: Security Assessment on J2EE Environments McLean, Michael R (Mar 19)
- Guidlines for Testing Web Applications Lecia McCalla (Mar 20)
- Re: Guidlines for Testing Web Applications dan cuthbert (Mar 20)
- Guidlines for Testing Web Applications Lecia McCalla (Mar 20)
- Security Assessment on J2EE Environments Gary Gwin (Mar 20)
- Re: Security Assessment on J2EE Environments Jeff Williams @ Aspect (Mar 20)