WebApp Sec mailing list archives

RE: Web Site Certification


From: "Craig Wright" <cwright () bdosyd com au>
Date: Fri, 28 Apr 2006 07:23:19 +1000


They have made a warranty statement - not a guarantee.

They may seem similar - but the legal differentiation is great.

Regards
Craig

-----Original Message-----
From: Nathaniel Hall [mailto:lists () nathanhall net]
Sent: Thursday, 27 April 2006 11:24 PM
To: Marco Passarella
Cc: webappsec () securityfocus com
Subject: Re: Web Site Certification

Marco Passarella wrote:

Hi all,
what do you think about the remote services that promise your site to
be "hacker free"?
Can you really monitor remotely the security of a site using a scanner?
Here is an example:
http://www.scanalert.com/


It isn't that the site is necessarily "hacker free."  They have simply
guaranteed that the site is not vulnerable to the FBI/SANS top
vulnerabilities (www.sans.org/top20/).  They also meet various credit
card requirements (VISA CISP/PCI).  Click on the "Hacker Safe" logo to
see an explanation.

--
Nathaniel Hall, GSEC GCFW GCIA


------------------------------------------------------------------------
-
Sponsored by: Watchfire

Watchfire's AppScan is the industry's first and leading web application
security testing suite, and the only solution to provide comprehensive
remediation tasks at every level of the application. Change the way you
think about application security testing - See for yourself.
Download a Free Trial of AppScan 6.0 today!

https://www.watchfire.com/securearea/appscansix.aspx?id=701300000007kaF
------------------------------------------------------------------------
--





