WebApp Sec mailing list archives
The new OWASP Testing Guide v3: published!
From: "Matteo Meucci" <matteo.meucci () gmail com>
Date: Tue, 16 Dec 2008 22:15:13 +0100
ANNOUNCING THE NEW "OWASP TESTING GUIDE v3 OWASP is announcing the new OWASP Testing Guide v3. The project as part of the OWASP Summer of Code, started on April 2008 reviewing the version 2, improving it. OWASP Testing Guide v3 is a 349 page book; we have split the set of active tests in 9 sub-categories for a total of 66 controls to test during the Web Application Testing activity. Each control has an OWASP name, so for example a SQL Injection is called: OWASP-DV-005, meaning that it is the 5th control of the Data Validation category. We got a dream team of 21 authors and 4 reviewers: after 6 months of hard work and great team work we realized the v3. We'd like to ask you to support OWASP to reach the following goals: *** Continuously improve the guide. The Guide is a "live" document: we always need your feedback! Please join our testing mailing list and share your ideas: http://lists.owasp.org/mailman/listinfo/owasp-testing *** Promote the Testing Guide. We would like to have some more media coverage on the guide, so please, if you know somebody in there put them in touch. If you have the chance, you can write an article about the Testing Guide and the new OWASP Projects. Also you can pick up the OWASP Testing Guide presentations and talk about it in local conferences and Chapter meetings. http://www.owasp.org/images/2/2c/OWASP_EU_Summit_2008_OWASP_Testing_Guide_v3.ppt *** Add 'quotes' to the Guide. We made a special 'quotes' pages for the Testing Guide. Here we'd want to add all the comments and references to the Guide. http://www.owasp.org/index.php/OWASP_Testing_Guide_Quotes The OWASP Testing Guide includes a "best practice" penetration testing framework which users can implement in their own organizations and a "low level" penetration testing guide that describes techniques for testing most common web application and web service security issues. Download the Guide Now: - http://www.owasp.org/index.php/OWASP_Testing_Project - http://www.owasp.org/images/5/56/OWASP_Testing_Guide_v3.pdf View the Presentation at the OWASP Summit 08: - http://www.owasp.org/images/2/2c/OWASP_EU_Summit_2008_OWASP_Testing_Guide_v3.ppt Join the Project Mailing List: - http://lists.owasp.org/mailman/listinfo/owasp-testing Thanks, Matteo Meucci -- Matteo Meucci OWASP-Italy Chair, CISSP, CISA http://www.owasp.org/index.php/Italy OWASP Testing Guide lead http://www.owasp.org/index.php/Testing_Guide ------------------------------------------------------------------------- Sponsored by: Watchfire Methodologies & Tools for Web Application Security Assessment With the rapid rise in the number and types of security threats, web application security assessments should be considered a crucial phase in the development of any web application. What methodology should be followed? What tools can accelerate the assessment process? Download this Whitepaper today! https://www.watchfire.com/securearea/whitepapers.aspx?id=70170000000940F -------------------------------------------------------------------------
Current thread:
- The new OWASP Testing Guide v3: published! Matteo Meucci (Dec 19)