[WEB SECURITY] Findings.

Nitchi DaMon nitchimon at yahoo.com
Thu Feb 4 10:50:13 EST 2010

Greetings all,

Since we are "X" years into Application Security, I remember seeing a new report or reports that people are starting to recognize we are still having App Vulns.

The report(s) showed that while no training and no SDLC and other things missing showed initially that upwards to 80 to 95% of software had vulnerabilities.  But after training, and a few years of AppSec techniques, it was found that the number dropped to 30 to 40%. But the issues were still there. They were still there because of sloppiness and various reasons.

I thought I saved the link and/or the papers locally, but discovered I saved the wrong URLs.

Does anyone remember these reports and can you please forward to me the links?




