| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 08 Feb 2008 07:33:17 +0200 From: Ofer Shezaf <ofers@...ach.com> To: Bugtraq <bugtraq@...urityfocus.com> Subject: Web Hacking Incidenets Database 2007 annual Report is out The Web Hacking Incidents Database (WHID) annual report for 2007 is out. The WHID 2007 annual report builds on the new metrics we recently added to WHID, such as attack method, attack outcome, country and industry sector of hacked organization to analyze web hacking trends in 2007. In the report we discuss the drivers for web hacking, the vulnerabilities exploited and the types of organization attacked. We hope that the report can serve to highlight the web application security issue and as a base for risk analysis for web applications. The report was prepared by The Web Application Security Consortium (WASC) together with Breach Security Labs, the research arm of Breach Security, which sponsors the project. The report is available at: http://www.webappsec.org/projects/whid/statistics.shtml ~ Ofer Ofer Shezaf Work: ofers@...ach.com, +972-9-9560036 #212 Personal: ofer@...zaf.com, +972-54-4431119 VP Security Research, Breach Security Chair, OWASP Israel Leader, ModSecurity Core Rule Set Project Leader, WASC Web Hacking Incidents Database Project
Powered by blists - more mailing lists