Penetration Testing mailing list archives
Web App Complexity Metrics / Scoping a Web App
From: "Jonathan Cran" <jcran () 0x0e org>
Date: Wed, 25 Mar 2009 11:44:10 -0700
Since we're on the topic of metrics, I'd like to throw out this question: How are you currently scoping web applications for review? I'm trying to come up with a better way to measure the complexity of applications (and thus, the time required to test). I'd like to keep it as simple as possible. Here's what I've got so far: - How many backend components are involved? (Database / Middle Tier) - Does the application have a web services interface? - Are client-side - javascript - flash - or other RIA technologies used for business logic? - How many static pages? - How many dynamic pages? What other metrics are you using to scope application assessments? jcran jcran () 0x0e org
Current thread:
- Webservices security rafael . pandini (Mar 24)
- RE: Webservices security Debasis Mohanty (Mar 24)
- Web App Complexity Metrics / Scoping a Web App Jonathan Cran (Mar 26)
- Re: Web App Complexity Metrics / Scoping a Web App NeZa (Mar 30)
- RE: Web App Complexity Metrics / Scoping a Web App Jonathan Cran (Mar 30)
- Re: Web App Complexity Metrics / Scoping a Web App Paul Melson (Mar 30)
- RE: Web App Complexity Metrics / Scoping a Web App Jonathan Cran (Mar 30)
- Web App Complexity Metrics / Scoping a Web App Jonathan Cran (Mar 26)
- RE: Webservices security Debasis Mohanty (Mar 24)