WebApp Sec mailing list archives

Previous By Date Next
Previous By Thread Next

OpenHack and OWASP Testing Methodology

From: "David Endler" <dendler () owasp org>
Date: Tue, 3 Dec 2002 11:08:36 -0500
As a followup to the eweek OpenHack thread, here's a brief article by the
only winner.  The article is interesting in that it gives insight into a
webappsec tester's mindset and some of his methodology.

http://www.eweek.com/article2/0,3959,741368,00.asp

Speaking of methodology, the OWASP Testing Methodology is currently in peer
review and will be released for comment later this month.  Our aim is for
this document to be used in a variety of ways, from security professionals
looking to adopt an industry derived and proven methodology to web system
owners looking to conduct tests themselves or seeking to ensure their
consultants are comprehensively checking their applications.

-dave
Previous By Date Next
Previous By Thread Next

Current thread: