[WEB SECURITY] [null] Application Categorization !!

Gaurav Shah shahgb at gmail.com
Wed May 4 01:09:37 EDT 2011


Hi Parmendra,

I actually wanted to gather all my thoughts before i could reply to this
query of yours.
I have put my comments inline.

On Thu, Apr 28, 2011 at 11:22 PM, Parmendra Sharma <s.parmendra at gmail.com>wrote:

> Hello Everyone,
>
> I request your inputs for the questions below:
>
>
>    - What are the factors based on which you put an application into one
>    of the category i.e: Small, Medium and Large application. May be you see /
>    ask your customer the number of dynamic pages within the apps etc..etc. What
>    factors make you to decide about the right category of an application.
>    [Gaurav] - I would first like to know why do you want to categorize in
>    Small, Medium & Large?
>
>
>    - Is there any tool among (Acunetix, Appscan and Webinspect) which is
>    capable of telling the scanned apps falls in which category i.e: Small,
>    Medium and Large [Gaurav] - No tool will help you categorize.
>
>
>    - What is the timeframe (standard if any) you generally take to perform
>    VA / PT for small, medium and large category applications for OWASP Top 10
>    vulnerabilities. [Gaurav] - The timeframe is more or less dependent upon the
>    complexity of the particular webpage/website.
>
>
>    - Has someone perform VA / PT on Push Technologies / Novel Technologies
>    such as Lightstreamer and AMF / Livecycle / Blaze, apps like CXF. (posted
>    this earlier also but did not recieve any comments....any little help will
>    be quit usefull) [Gaurav] - Sorry I have not worked on Push Technologies /
>    Novel Technologies.
>
>  Thanks a lot.
>
>
> --
> Thanks and Regards:
> Pam
>
> Parmendra Sharma
> Application Security Consultant
> email: s.parmendra at gmail.com
>
> --
> null - Spreading the right Information
> null Mailing list charter:
> http://null.co.in/section/about/null_list_charter/
>
> This list is supported by Institute of Information Security
> http://iisecurity.in
> Learn information security at your own pace – eLearning programs at
> http://elearning.iisecurity.in
>



-- 
Thanks & Regards
Gaurav Shah.
91-9552504002.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webappsec.org/pipermail/websecurity_lists.webappsec.org/attachments/20110504/0d644c42/attachment-0003.html>


More information about the websecurity mailing list