WebApp Sec mailing list archives
Administrivia: Webappsec Vendor Directory
From: Andrew van der Stock <vanderaj () greebo net>
Date: Wed, 9 Apr 2008 14:15:12 -0400
Hi there, ** Full disclosure: I work for Aspect Security. This is why I have refrained publicly posting as it is a conflict of interest. I am walking a very fine line here. With this post, I aim to represent you, the webappsec reader in this matter, not my employer nor myself. ** The thread on web app sec companies highlights several issues: it can be tricky to find them - so a directory is needed, but some folks have mixed experiences with some companies whilst others love their favorite vendor, and some folks will post on behalf of their employer without disclosing that. The responses so far show all of these attributes. This list is not an advertising service, so I will make it as vendor neutral as possible. I will be rejecting any further posts to this thread beyond the ones I had in my queue. The only exception to the approval to that thread is for company representatives who feel they need a right of reply to a post that takes a shot at them. Instead, to make it fair to all webappsec vendors whilst helping out our readers, I will: * Collect all the responses with company names and publish them here in one single list Friday next week. If you're in this business, please mail me privately (see my address in the headers) and I will add your details to the list. You have until Thursday 17th of April to do this. * Ask Security Focus if we can make that into a FAQ entry on our mailing list page. Most likely that will not happen as a) the list is supported by one of the companies mentioned, and Security Focus itself is owned by Symantec, who through their @stake arm do this sort of work. * Ask OWASP and WASC to re-publish the same list as a business directory on their respective web sites, but most likely that will not happen as OWASP is about vendor neutrality, and WASC is made up of many of the vendors mentioned so far. * If neither FAQ entry comes to pass, I'll make a post on my blog. But that's an absolute last resort as my blog is in the outer arm of the blogosphere, and the information will become stale. thanks, Andrew, your friendly moderator -------------------------------------------------------------------------Sponsored by: Watchfire Methodologies & Tools for Web Application Security Assessment With the rapid rise in the number and types of security threats, web application security assessments should be considered a crucial phase in the development of any web application. What methodology should be followed? What tools can accelerate the assessment process? Download this Whitepaper today!
https://www.watchfire.com/securearea/whitepapers.aspx?id=70170000000940F -------------------------------------------------------------------------
Current thread:
- Re: Top webappsec testing vendors? WebAppSec Mailbox (Apr 09)
- Re: Top webappsec testing vendors? Jamie Riden (Apr 09)
- Administrivia: Webappsec Vendor Directory Andrew van der Stock (Apr 09)
- Re: Administrivia: Webappsec Vendor Directory bugtraq (Apr 10)
- Administrivia: Webappsec Vendor Directory Andrew van der Stock (Apr 09)
- <Possible follow-ups>
- Re: Top webappsec testing vendors? Bill Stout (Apr 09)
- Re: Top webappsec testing vendors? Jamie Riden (Apr 09)