WebApp Sec: Re: Security Best Practice Resources

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

WebApp Sec mailing list archives

Re: Security Best Practice Resources

From: Michiel Kalkman <secfocus () linux nl com>
Date: Wed, 2 Apr 2003 15:48:33 +0200

Hard to believe no-one's mentioned 
Secure Programming for Linux and Unix HOWTO -
http://www.dwheeler.com/secure-programs/

Which is more about actual code than about application 
development, but still..

The Capability Maturity Model for Software (CMM) at 
http://www.sei.cmu.edu/cmm/cmm.sum.html
might also be considered relevant.

And for evaluation there's always the Common Criteria (CC)..
http://www.commoncriteria.org/cc/cc.html

HTH,
     -Michiel.

On Tue, Apr 01, 2003 at 05:20:18AM -0800, phuc6 () hushmail com wrote:


Could someone please post links to excellent resources, such as
whitepapers etc, regarding application development security.

The OWASP guide is great, but is there something even more general,
not just limited to Web App Sec.

- MC


-- 
Experience is the way we endorse our prejudices.

By Date By Thread

Current thread:

Re: Security Best Practice Resources, (continued)
- Re: Security Best Practice Resources Kevin Spett (Apr 01)
- Re: Security Best Practice Resources gunnar (Apr 01)
- Re: Security Best Practice Resources INSATech free (Apr 01)
  - Re: Security Best Practice Resources Alex Russell (Apr 01)
- Re: Security Best Practice Resources Razvan Peteanu (Apr 01)
- Re: Security Best Practice Resources Michiel Kalkman (Apr 02)
- RE: Security Best Practice Resources Michael Howard (Apr 01)