Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



WebApp Sec: Re: Security Best Practice Resources

Re: Security Best Practice Resources

From: Michiel Kalkman <secfocus_at_linux.nl.com>
Date: Wed, 2 Apr 2003 15:48:33 +0200

Hard to believe no-one's mentioned
Secure Programming for Linux and Unix HOWTO -
http://www.dwheeler.com/secure-programs/

Which is more about actual code than about application
development, but still..

The Capability Maturity Model for Software (CMM) at
http://www.sei.cmu.edu/cmm/cmm.sum.html
might also be considered relevant.

And for evaluation there's always the Common Criteria (CC)..
http://www.commoncriteria.org/cc/cc.html

HTH,
     -Michiel.

On Tue, Apr 01, 2003 at 05:20:18AM -0800, phuc6_at_hushmail.com wrote:
>
> Could someone please post links to excellent resources, such as
> whitepapers etc, regarding application development security.
>
> The OWASP guide is great, but is there something even more general,
> not just limited to Web App Sec.
>
> - MC 

-- 
Experience is the way we endorse our prejudices.
Received on Apr 02 2003
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
edgeos