[Owasp-appsensor-project] Detection Points in Wiki

Michael Coates michael.coates at owasp.org
Thu Feb 18 15:45:32 EST 2010


Ikes, there are lots of cross references.  Perhaps we can cross reference to
the XSS category instead of all 134 rules.  I think its good for us to show
that the two projects are inter-related. But we don't need to spin our
wheels maintaining every single cross-reference point.


Michael Coates
OWASP Global Membership Committee
AppSensor Project Lead - http://DefendTheApp.com


On Thu, Feb 18, 2010 at 3:49 AM, Colin Watson <colin.watson at owasp.org>wrote:

> The links to separate code pages will work well.
>
> I tried adding a cross-reference to ModSecurity CRS in this one:
>
>
> http://www.owasp.org/index.php/AppSensor_DetectionPoints#EE2:_Unexpected_Encoding_Used
>
> But I realise there are 299 AppSensor tags in the CRS rules:
>
> - protocol violations: 3 rules
> - http policy: 2 rules
> - generic attacks: 32 rules
> - SQL injection: 128 rules
> - XSS attacks: 134 rules
>
> so that won't work.  Perhaps a separate page would be more useful, but
> even that may be difficult to keep up-to-date.
>
> Colin
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-appsensor-project/attachments/20100218/a3977f49/attachment.html 


More information about the Owasp-appsensor-project mailing list