
The Web Security Mailing List


Risk Management and Application Security Controls

Mostafa Siraj
Thu, Jan 22, 2015 1:37 PM


I read a couple of resources on Risk Management (e.g. NIST, COBIT, ISO
27001) and all of them discuss risk management in general. Has anyone
encountered a book, website or any other rich resource that covers Risk
Management from an Application Security perspective?

Thanks a lot

Best Regards,
Mostafa Siraj http://twitter.com/mostafasiraj

"Our deepest fear is not that we are inadequate. Our deepest fear is that
we are powerful beyond measure. It is our light, not our darkness, that
most frightens us. We ask ourselves, who am I to be brilliant, gorgeous,
talented, and fabulous? Actually, who are you not to be? You are a child of
God. Your playing small doesn't serve the world. There's nothing
enlightened about shrinking so that other people won't feel insecure around
you. We are all meant to shine, as children do. We are born to make
manifest the glory of God that is within us. It's not just in some of us,
it's in everyone. And as we let our own light shine, we unconsciously give
other people permission to do the same. As we are liberated from our own
fear, our presence automatically liberates others." --Nelson Mandela--

Fatih
Mon, Feb 2, 2015 1:43 PM

AFAIK there is no specific document on the subject "RA in Application Security". But there are widely used methods and tools. For NATO projects, for instance, mostly the MAGERIT methodology and the PILAR tool are being used for threat identification and risk analysis. MS SDL and OWASP offer some tools and frameworks also.

Hope that helps.

all the best
Fatih

----- Original Message -----

From: "Mostafa Siraj" <mostafa.siraj@gmail.com>
To: websecurity@lists.webappsec.org
Sent: Thursday, January 22, 2015 15:37:19
Subject: [WEB SECURITY] Risk Management and Application Security Controls


I read a couple of resources on Risk Management (e.g. NIST, COBIT, ISO 27001) and all of them discuss risk management in general. Has anyone encountered a book, website or any other rich resource that covers Risk Management from an Application Security perspective?

Thanks a lot

Best Regards,
Mostafa Siraj


The Web Security Mailing List

WebSecurity RSS Feed

Join WASC on LinkedIn http://www.linkedin.com/e/gis/83336/4B20E4374DBA

WASC on Twitter

