WebApp Sec mailing list archives
Re: Software security specifications
From: Angelo Perniola <perniola () gmail com>
Date: Tue, 22 Feb 2005 17:31:53 +0100
On Mon, 21 Feb 2005 17:17:01 +0100, i.matilde () gmail com <i.matilde () gmail com> wrote:
I need to develop a policy that will list security requirements for new applications developed internally or by contractors, general specifications like validate input ecc...., I am looking for some good resources on the subject, any recommendations?
Hello list members, I find the topic very interesting as I am working on it right now, focusing on web applications development. As a starting point I've found very useful insights from the OWASP guide (http://www.owasp.org/documentation/guide.html) and from one book available on MSDN (http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnnetsec/html/ThreatCounter.asp). Of course, the usual secure programming resources (Wheeler, etc.) are helpful too. HTH, ang
Current thread:
- Software security specifications i.matilde () gmail com (Feb 21)
- Re: Software security specifications Jeff Williams (Feb 21)
- Re: Software security specifications udayan pathak (Feb 21)
- Re: Software security specifications i.matilde () gmail com (Feb 23)
- Re: Software security specifications Angelo Perniola (Feb 23)
- Re: Software security specifications Andrew van der Stock (Feb 23)