WebApp Sec mailing list archives
SIFT Web Services Security Testing Framework
From: "Paul Theriault" <paul.theriault () sift com au>
Date: Mon, 13 Nov 2006 14:38:12 +1100
SIFT has released a new Intelligence Report titled 'A Web Services Security Testing Framework'. The framework covers the entire web services security testing process incorporating detailed threat modelling, scoping and planning methodologies tailored specifically for web services applications. It also provides a structured approach to assessing the security of a web service through an application-level penetration test and aims to deliver a repeatable means for security assurance. A primary goal of this framework is to stimulate community interest and drive the further development and adoption of structured security assurance methodologies for web services. We welcome mailing list subscribers to review the paper and will endeavour to incorporate feedback in future versions of the framework. Please send feedback and suggestions to research () sift com au. The paper is available for download from the SIFT website: http://www.sift.com.au/36/175/a-web-services-security-testing-framework.htm ------------------------------------------------------------------------- Sponsored by: Watchfire It's been reported that 75% of websites are vulnerable to attack. That's because hackers know to exploit weaknesses in web applications. Traditional approaches to securing these assets no longer apply. Download the "Addressing Challenges in Application Security" whitepaper today, and see for yourself. https://www.watchfire.com/securearea/whitepapers.aspx?id=701500000008YTU --------------------------------------------------------------------------
Current thread:
- SIFT Web Services Security Testing Framework Paul Theriault (Nov 13)