[prev in list] [next in list] [prev in thread] [next in thread] 

List:       full-disclosure
Subject:    Re: [Full-disclosure] Fw: [WEB SECURITY] Application Security Program
From:       <c0redump () ackers ! org ! uk>
Date:       2006-06-30 8:39:56
Message-ID: 001901c69c20$c526d1e0$0100a8c0 () TRINITY
[Download RAW message or body]

Google "STRIDE" and "DREAD" in terms of computer security; 
http://wiki.okopipi.org/wiki/Security_concerns

-- c0redump

----- Original Message ----- 
From: huan chen
To: full-disclosure@lists.grok.org.uk
Sent: Friday, June 30, 2006 3:40 AM
Subject: [Full-disclosure] Fw: [WEB SECURITY] Application Security Program


forwarding to this list for opinion...

----- Original Message ----- 
From: "huan chen" <ktriv3di@msn.com>
To: "Web Security" <websecurity@webappsec.org>
Sent: Thursday, June 29, 2006 3:51 PM
Subject: [WEB SECURITY] Application Security Program


> List,
>
> We are trying to design a big picture information security program for out 
> organization. The goal is to concentrate on application security. Sub 
> tasks should include stuff like policy gap analysis, pen test balc box and 
> white box, etc. The goal is to do all the activities and measure progress 
> on an yearly basis/
>
> Are thier any existing frameworks? Anything that has worked / not worked 
> for you guys?
>
> Thanks
>
>

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/ 


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
[prev in list] [next in list] [prev in thread] [next in thread]