[WEB SECURITY] Web application security - basics

Erwin Geirnaert egeirnaert at securityinnovation.be
Tue Aug 4 06:18:31 EDT 2009

Another plug:

Here we combine the statistics of WhiteHat, WASC and our experience to
create a non-technical whitepaper about web application security.

Hope this helps...


Best regards,




From: Neil Matatall [mailto:nmatatal at uci.edu] 
Sent: Tuesday 4 August 2009 3:03
To: Bruce Peifer
Cc: application.secure application.secure; websecurity at webappsec.org
Subject: Re: [WEB SECURITY] Web application security - basics



It's almost a year old, but it covers everything in the OWASP Top 10
(and a little more).  (You should probably skip the architectural stuff
and go directly to slide 23).  The demos correspond to WebGoat lessons.
I will most likely be updating this presentation soon, but then again
I've been saying that for a while...


Bruce Peifer wrote: 

Perhaps this paper would help?




On Sun, Aug 2, 2009 at 9:38 AM, application.secure application.secure
<application.secure at gmail.com> wrote:


I'm looking for a paper which explains the basics of application security
(critical vulnerabilities, why web applications are vulnerable, what the
impact of attacks is, how we can test applications ...).
There are a lot of documents (especially on OWASP) but I don't find a
document which summarizes application security.



