lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Fri Jun 30 09:40:14 2006
From: c0redump at ackers.org.uk (c0redump@...ers.org.uk)
Subject: Fw: [WEB SECURITY] Application Security Program

Google "STRIDE" and "DREAD" in terms of computer security; 
http://wiki.okopipi.org/wiki/Security_concerns

-- c0redump

----- Original Message ----- 
From: huan chen
To: full-disclosure@...ts.grok.org.uk
Sent: Friday, June 30, 2006 3:40 AM
Subject: [Full-disclosure] Fw: [WEB SECURITY] Application Security Program


forwarding to this list for opinion...

----- Original Message ----- 
From: "huan chen" <ktriv3di@....com>
To: "Web Security" <websecurity@...appsec.org>
Sent: Thursday, June 29, 2006 3:51 PM
Subject: [WEB SECURITY] Application Security Program


> List,
>
> We are trying to design a big picture information security program for out 
> organization. The goal is to concentrate on application security. Sub 
> tasks should include stuff like policy gap analysis, pen test balc box and 
> white box, etc. The goal is to do all the activities and measure progress 
> on an yearly basis/
>
> Are thier any existing frameworks? Anything that has worked / not worked 
> for you guys?
>
> Thanks
>
>

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/ 


Powered by blists - more mailing lists