[WEB SECURITY] web app security policies?

Arin Komins akomins at uchicago.edu
Wed Jun 29 10:23:05 EDT 2005

Hi folks,

Does anyone have examples of policies that they use for web application 
security in their organizations that they are willing to share?

Not in the sense of a policy to have a tool audit upon, but a written 
formal policy  that you can hand out to the coders, architects, sysadmins, 

While I'm initially concerned with something to hand out to coders and 
architects, I'd really like to see something that covers end to end web 
app lifecycle security.

(I'm working on one for my University now, but would like to see what 
other folks in the community have.)


Arin Komins			       	      akomins at uchicago.edu
Assistant Director/ENSS
University of Chicago/NSIT/ENSS			tel: (773)834-4087
1155 E. 60th St. #418	 Chicago, IL 60637	fax: (773)702-0559

The Web Security Mailing List

The Web Security Mailing List Archives

More information about the websecurity mailing list