Re: [Full-disclosure] Fw: [WEB SECURITY] Application Security Program
- From: <c0redump@xxxxxxxxxxxxx>
- Date: Fri, 30 Jun 2006 09:39:56 +0100
Google "STRIDE" and "DREAD" in terms of computer security; http://wiki.okopipi.org/wiki/Security_concerns
-- c0redump
----- Original Message ----- From: huan chen
To: full-disclosure@xxxxxxxxxxxxxxxxx
Sent: Friday, June 30, 2006 3:40 AM
Subject: [Full-disclosure] Fw: [WEB SECURITY] Application Security Program
forwarding to this list for opinion...
----- Original Message ----- From: "huan chen" <ktriv3di@xxxxxxx>
To: "Web Security" <websecurity@xxxxxxxxxxxxx>
Sent: Thursday, June 29, 2006 3:51 PM
Subject: [WEB SECURITY] Application Security Program
List,
We are trying to design a big picture information security program for out organization. The goal is to concentrate on application security. Sub tasks should include stuff like policy gap analysis, pen test balc box and white box, etc. The goal is to do all the activities and measure progress on an yearly basis/
Are thier any existing frameworks? Anything that has worked / not worked for you guys?
Thanks
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
- References:
- Prev by Date: Re: FW: [Full-disclosure] Are consumers being misled by "phishing"?
- Next by Date: Re: FW: [Full-disclosure] Are consumers being misled by "phishing"?
- Previous by thread: [Full-disclosure] WIKI / Sharepoint managed service
- Next by thread: [Full-disclosure] RFID Attack theory
- Index(es):
Relevant Pages
|
|
