WebApp Sec mailing list archives

RE: Two questions: FAQ and OWASP ASAC

From: "Bob Auger" <bauger () spidynamics com>
Date: Fri, 14 Jan 2005 10:54:30 -0500

1) Does this list have a FAQ, and if so, where is it? Is it the
   same as http://www.webappsec.org/faq.html ? (The site appears
   to be down.)


The FAQ on the Web Application Security Consortiums website is a FAQ for that organization, and isn't related to 
securityfocus's webappsec mailing list.

2) Whatever happened to OWASP's Application Security Attack Components
   that used to be available at http://www.owasp.org/asac ? Did it
   somehow morph into the WASC's Threat Classifications, at
   http://www.webappsec.org/threat.html ?  They look pretty similar
   (from what I can recall of OWASP's ASAC, at least.)


I can't answer for OWASP but the WASC is a separate organization and has in no way merged with OWASP. The goals of both 
OWASP and WASC are to educate people on the threats of web application security issues and therefore may contain 
similar types of material relating to web security.


Robert 
SPI Labs
http://www.spidynamics.com/

Current thread:

Two questions: FAQ and OWASP ASAC Wall, Kevin (Jan 14)
- Re: Two questions: FAQ and OWASP ASAC Rogan Dawes (Jan 14)
- <Possible follow-ups>
- RE: Two questions: FAQ and OWASP ASAC Bob Auger (Jan 15)