Home page logo

pen-test logo Penetration Testing mailing list archives

SIFT Web Services Security Testing Framework
From: "Daniel Grzelak" <daniel.grzelak () sift com au>
Date: Mon, 13 Nov 2006 14:21:19 +1100

SIFT has released a new Intelligence Report titled 'A Web Services Security
Testing Framework'. The framework covers the entire web services security
testing process incorporating detailed threat modelling, scoping and
planning methodologies tailored specifically for web services applications.
It also provides a structured approach to assessing the security of a web
service through an application-level penetration test and aims to deliver a
repeatable means for security assurance.

A primary goal of this framework is to stimulate community interest and
drive the further development and adoption of structured security assurance
methodologies for web services. We welcome mailing list subscribers to
review the paper and will endeavour to incorporate feedback in future
versions of the framework. 

Please send feedback and suggestions to research () sift com au 

The paper is available for download from the SIFT website:

This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.

  By Date           By Thread  

Current thread:
  • SIFT Web Services Security Testing Framework Daniel Grzelak (Nov 14)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]