The Web Application Security Consortium is pleased to announce a new project
"Web Application Security Scanner Evaluation Criteria (WASSEC)". Currently WASC is seeking volunteers
from various sections of the community including penetration testers, scanner vendors, security researchers
and also end users to contribute to the project.
A brief description of the project
The Web Application Security Evaluation Criteria is a set of guidelines to evaluate web application
security scanners on their identification of web application vulnerabilities and its completeness. It
will cover things like crawling, parsing, session handling, types of vulnerabilities and information
about those vulnerabilities. The goal of this project is to evaluate the technical aspects of the web
application security scanners and NOT the features provided by it.
The project page can be found at
http://www.webappsec.org/projects/wassec/
If you would like to be involved with the project, please contact Anurag Agarwal (anurag.agarwal_at_yahoo.com)
Regards,
- announcements_at_webappsec.org
http://www.webappsec.org/ The Web Application Security Consortium
----------------------------------------------------------------------------
Join us on IRC: irc.freenode.net #webappsec
-------------------------------------------------------------------------
Sponsored by: Watchfire
The Twelve Most Common Application-level Hack Attacks
Hackers continue to add billions to the cost of doing business online
despite security executives' efforts to prevent malicious attacks. This
whitepaper identifies the most common methods of attacks that we have seen,
and outlines a guideline for developing secure web applications.
Download today!
https://www.watchfire.com/securearea/whitepapers.aspx?id=701500000008rSe
--------------------------------------------------------------------------
Received on Aug 15 2007
Intro
