RE: Application Security



Reference on the subject. Members' views on these points and how they are managing similar
requirements. Information on tools, etc.

Regards,
 
Milind Nanal

-----Original Message-----
From: Yiannis Koukouras [mailto:ikoukouras@xxxxxxxxx]
Sent: Wednesday, January 11, 2012 6:33 PM
To: Milind Nanal
Cc: security-basics@xxxxxxxxxxxxxxxxx; webappsec@xxxxxxxxxxxxxxxxx; pen-test@xxxxxxxxxxxxxxxxx
Subject: Re: Application Security

Hi,

Not sure what you are actually looking for...

Are you looking for references on those subjects or are you looking to
recruit people to perform these tasks?

BR,
Ioannis (Yiannis) Koukouras
CISSP, CISA, CISM, OSCP
MSc in Computer Systems Security
BEng in Electronic Engineering
http://www.linkedin.com/in/ikoukouras


On Wed, Jan 4, 2012 at 8:59 AM, Milind Nanal <Milind.Nanal@xxxxxxxxxx> wrote:

Hi Mailing list,

Seeking help with the scenario below:

1) The organization's software development life cycle, wherein application security needs to be plugged in as a focused approach.
2) Deployment & planning on roles & responsibilities of 4-5 dedicated members as apps testers & an apps test manager from info sec apps testing.
3) Plan for training developers, quality staff & apps testing team on various info sec aspects of application security.
4) Decision on open source, commercial tool to be used for apps VA pen testing.


Regards,

Milind Nanal

