Re: Web Security Standards Body

From: Dominick Baier [DevelopMentor] (
Date: 04/20/05

Date: Wed, 20 Apr 2005 11:11:32 -0700

Hello Web,

well - there is the ISO 17799 / BS7799 Standard (

The Open Web Application Security Project (

or ISECOM Open Source Security Testing Methodoloy (


Dominick Baier - DevelopMentor

> Does anyone know if the W3C (or another accredited organization) has
> created a web security standard - something like the ISO 9000
> standard, but for security? I'm architecting a public site with
> sensitive data, and I'd like to have it's security model certified.
> Thank you.

Relevant Pages

  • Re: bootstrapping a secure channel
    ... >> that Alice and Bob recognize each others voices. ... The security of this rests on an assumption ... >> There is another standard approach to this kind of problem, ... Sharing this secret would require a secure channel, ...
  • Re: [Full-Disclosure] Apparently the practice was prevalent
    ... > continue to use the feature. ... As I said -- it is interesting how little concern some developers show ... for their clients larger security issues... ... "standard" as the standard that defines what an HTTP URL is is very ...
  • RE: Certification for Win2k Web Servers
    ... the SANS gold standard training is in understanding and applying the recent ... composite security standard for Microsoft Windows 2000 Professional (not ... > Subject: RE: Certification for Win2k Web Servers ... > the audit results from the single third party auditor. ...
  • Re: Lagging e-mail
    ... > Hi Mountain, ... The difference between the standard versus beta editions as follows: ... QUESTIONS ABOUT SECURITY ...
  • Re: audit file location
    ... exploiting a flaw in your code is much harder if you don't know what you are looking for - and as you most often cannot put directories into directory traversal attacks - putting those files even on a separate hard disk/partition is even more secure. ... Dominick Baier - DevelopMentor ... If further away is more secure, then that means both ASP's security ...