[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Full-disclosure] Fw: [WEB SECURITY] Application Security Program
- To: "huan chen" <ktriv3di@xxxxxxx>, <full-disclosure@xxxxxxxxxxxxxxxxx>
- Subject: Re: [Full-disclosure] Fw: [WEB SECURITY] Application Security Program
- From: <c0redump@xxxxxxxxxxxxx>
- Date: Fri, 30 Jun 2006 09:39:56 +0100
Google "STRIDE" and "DREAD" in terms of computer security;
http://wiki.okopipi.org/wiki/Security_concerns
-- c0redump
----- Original Message -----
From: huan chen
To: full-disclosure@xxxxxxxxxxxxxxxxx
Sent: Friday, June 30, 2006 3:40 AM
Subject: [Full-disclosure] Fw: [WEB SECURITY] Application Security Program
forwarding to this list for opinion...
----- Original Message -----
From: "huan chen" <ktriv3di@xxxxxxx>
To: "Web Security" <websecurity@xxxxxxxxxxxxx>
Sent: Thursday, June 29, 2006 3:51 PM
Subject: [WEB SECURITY] Application Security Program
List,
We are trying to design a big picture information security program for out
organization. The goal is to concentrate on application security. Sub
tasks should include stuff like policy gap analysis, pen test balc box and
white box, etc. The goal is to do all the activities and measure progress
on an yearly basis/
Are thier any existing frameworks? Anything that has worked / not worked
for you guys?
Thanks
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/