WASC Announcement: ‘WASSEC Project’ Call for Participants
Anurag Agarwal has posted a WASC Announcement about the Web Application Security Evaluation Criteria (WASSEC) Project on the application security blog. This really appears to be a unique effort - as it is a set of guidelines to evaluate web application security scanners on their identification of web application vulnerabilities and their overall completeness. It aims to cover things like crawling, parsing, session handling, the types of vulnerabilities and the actual information about those vulnerabilities themselves.
The goal of this project is to evaluate the technical aspects of the web application security scanners and *not* focus simply on the features provided.
Read More: http://myappsecurity.blogspot.com/2007/08/wasc-announcement-wassec-project-call.htmlÂ
About this entry
You’re currently reading “WASC Announcement: ‘WASSEC Project’ Call for Participants,” an entry on Patrick M. Reilly
- Published:
- 08.14.07 / 11am
- Category:
- OmniTI, PHP, Security, Security Audits, WASC, WASSEC, Web Application Scanners
No comments
Jump to comment form | comments rss [?] | trackback uri [?]