[WEB SECURITY] [null] Application Categorization !!
shahgb at gmail.com
Wed May 4 01:09:37 EDT 2011
I actually wanted to gather all my thoughts before i could reply to this
query of yours.
I have put my comments inline.
On Thu, Apr 28, 2011 at 11:22 PM, Parmendra Sharma <s.parmendra at gmail.com>wrote:
> Hello Everyone,
> I request your inputs for the questions below:
> - What are the factors based on which you put an application into one
> of the category i.e: Small, Medium and Large application. May be you see /
> ask your customer the number of dynamic pages within the apps etc..etc. What
> factors make you to decide about the right category of an application.
> [Gaurav] - I would first like to know why do you want to categorize in
> Small, Medium & Large?
> - Is there any tool among (Acunetix, Appscan and Webinspect) which is
> capable of telling the scanned apps falls in which category i.e: Small,
> Medium and Large [Gaurav] - No tool will help you categorize.
> - What is the timeframe (standard if any) you generally take to perform
> VA / PT for small, medium and large category applications for OWASP Top 10
> vulnerabilities. [Gaurav] - The timeframe is more or less dependent upon the
> complexity of the particular webpage/website.
> - Has someone perform VA / PT on Push Technologies / Novel Technologies
> such as Lightstreamer and AMF / Livecycle / Blaze, apps like CXF. (posted
> this earlier also but did not recieve any comments....any little help will
> be quit usefull) [Gaurav] - Sorry I have not worked on Push Technologies /
> Novel Technologies.
> Thanks a lot.
> Thanks and Regards:
> Parmendra Sharma
> Application Security Consultant
> email: s.parmendra at gmail.com
> null - Spreading the right Information
> null Mailing list charter:
> This list is supported by Institute of Information Security
> Learn information security at your own pace – eLearning programs at
Thanks & Regards
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the websecurity