[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Full-disclosure] Fwd: [Webappsec] Call for Assistance: OWASP Virtual Patching Survey



From the folks at OWASP. Please take a moment to provide feedback if
you have helpful comments.

---------- Forwarded message ----------
From: Ryan Barnett <rcbarnett@xxxxxxxxx>
Date: Mon, Feb 20, 2012 at 10:25 AM
Subject: [Webappsec] Call for Assistance: OWASP Virtual Patching Survey
To: webappsec@xxxxxxxxxxxxxxx

Identification of web application vulnerabilities is only half the
battle with remediation efforts as the other.  In an ideal world,
application defects could be quickly fixed within the application's
code and pushed out into production rapidly.  Let’s face the facts,
there are many real world business scenarios where it is not possible
to update web application code in either a timely manner or at all.
This is where the tactical use-case of implementing virtual patches to
reduce attack surface plays a critical role.

In an effort to obtain valid data on virtual patching processes and
challenges, OWASP has created a community survey.  If your
organization leverages virtual patching as a part of your remediation
strategy, please fill out the survey -
https://www.surveymonkey.com/s/76YQH5J

It is only 10 questions and by taking the survey, you could also win a
free spot in the upcoming OWASP AppSecDC Virtual Patching Workshop.

Thanks for your help.

--
Ryan Barnett
Trustwave SpiderLabs
ModSecurity Project Leader
OWASP ModSecurity CRS Project Leader

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/