Re: Web Security Standards Body

From: Dominick Baier [DevelopMentor] (dbaier_at_pleasepleasenospamdevelop.com)
Date: 04/20/05


Date: Wed, 20 Apr 2005 11:11:32 -0700

Hello Web,

well - there is the ISO 17799 / BS7799 Standard (http://www.bsi-global.com/ICT/index.xalter)

The Open Web Application Security Project (www.owasp.org)

or ISECOM Open Source Security Testing Methodoloy (http://www.isecom.org/)

HTH

---------------------------------------
Dominick Baier - DevelopMentor
http://www.leastprivilege.com

> Does anyone know if the W3C (or another accredited organization) has
> created a web security standard - something like the ISO 9000
> standard, but for security? I'm architecting a public site with
> sensitive data, and I'd like to have it's security model certified.
>
> Thank you.
>



Relevant Pages

  • Re: bootstrapping a secure channel
    ... >> that Alice and Bob recognize each others voices. ... The security of this rests on an assumption ... >> There is another standard approach to this kind of problem, ... Sharing this secret would require a secure channel, ...
    (sci.crypt)
  • Re: [Full-Disclosure] Apparently the practice was prevalent
    ... > continue to use the feature. ... As I said -- it is interesting how little concern some developers show ... for their clients larger security issues... ... "standard" as the standard that defines what an HTTP URL is is very ...
    (Full-Disclosure)
  • RE: Certification for Win2k Web Servers
    ... the SANS gold standard training is in understanding and applying the recent ... composite security standard for Microsoft Windows 2000 Professional (not ... > Subject: RE: Certification for Win2k Web Servers ... > the audit results from the single third party auditor. ...
    (Focus-Microsoft)
  • Re: Lagging e-mail
    ... > Hi Mountain, ... The difference between the standard versus beta editions as follows: ... QUESTIONS ABOUT SECURITY ...
    (sci.med.transcription)
  • Re: audit file location
    ... exploiting a flaw in your code is much harder if you don't know what you are looking for - and as you most often cannot put directories into directory traversal attacks - putting those files even on a separate hard disk/partition is even more secure. ... Dominick Baier - DevelopMentor ... If further away is more secure, then that means both ASP's security ...
    (microsoft.public.dotnet.framework.aspnet.security)