WebApp Sec mailing list archives
Re: Security Testing
From: "planz" <planz235 () hotmail com>
Date: Tue, 4 Mar 2003 16:28:07 +0800
It depends. Normally this kind of checking is given to a separate team to verify. In our organization, our developers normally write the programs, and a separate web application security team verifies the security of the application with pre-defined security requirements. Developer doing a security testing may not yield actual test results. ----- Original Message ----- From: "Ramirez, Manuel N (CORP, DDEMESIS)" <Manuel.Ramirez () ddemesis ge com> To: <webappsec () securityfocus com> Sent: Tuesday, March 04, 2003 2:09 AM Subject: Security Testing Hi everybody, I was wondering if some of you have some papers regarding web applications security testing. I'm working on a CMM iniciative and we are planning to include a security testing phase so every new developed application is security-error free. Would you recommend every development team to perform security testing or it's better to have a group of experienced people doing these activities for all of the developed applications? Best regards, Manuel
Current thread:
- Security Testing Ramirez, Manuel N (CORP, DDEMESIS) (Mar 03)
- Re: Security Testing Kevin Spett (Mar 03)
- Re: Security Testing Jeff Williams @ Aspect (Mar 03)
- RE: Security Testing drG4njubas (Mar 03)
- Re: Security Testing planz (Mar 04)
- <Possible follow-ups>
- Re: Security Testing Bill Pennington (Mar 03)
- RE: Security Testing Pitts, Christopher C. (Mar 03)
- RE: Security Testing Brass, Phil (ISS Atlanta) (Mar 03)
- RE: Security Testing scott wood (Mar 03)
- Re: Security Testing Kevin Spett (Mar 03)