lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Fri Jun 30 09:40:14 2006 From: c0redump at ackers.org.uk (c0redump@...ers.org.uk) Subject: Fw: [WEB SECURITY] Application Security Program Google "STRIDE" and "DREAD" in terms of computer security; http://wiki.okopipi.org/wiki/Security_concerns -- c0redump ----- Original Message ----- From: huan chen To: full-disclosure@...ts.grok.org.uk Sent: Friday, June 30, 2006 3:40 AM Subject: [Full-disclosure] Fw: [WEB SECURITY] Application Security Program forwarding to this list for opinion... ----- Original Message ----- From: "huan chen" <ktriv3di@....com> To: "Web Security" <websecurity@...appsec.org> Sent: Thursday, June 29, 2006 3:51 PM Subject: [WEB SECURITY] Application Security Program > List, > > We are trying to design a big picture information security program for out > organization. The goal is to concentrate on application security. Sub > tasks should include stuff like policy gap analysis, pen test balc box and > white box, etc. The goal is to do all the activities and measure progress > on an yearly basis/ > > Are thier any existing frameworks? Anything that has worked / not worked > for you guys? > > Thanks > > _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists