[OWASP-GUIDE] Full review observations
Adrian Wiesmann
awiesmann at swordlord.org
Fri Dec 13 03:25:32 EST 2002
> ISO 17799 might not be freely available, but it is an international
> standard, and you can freely participate in its being updated through
> ISO right now.
Oh, and please don't forget about the "IT-Grundschutz", the German
equivalent to the Common Criteria or ISO 17799. There was a fight between
the British BSI and the German BSI about which of the two may be elected
as the ISO certification. Unfortunately it was not the German BSI which
won. So there is another widely used - at least in some parts of Europe
including Germany and Switzerland - standard which we should have in that
paper. And the IT-Grundschutz goes much further than ISO...
Then there is also the OSSTMM - Open Source Security Testing Methodology
Manual - which we should also mention. You can find more info about that at:
http://www.isecom.org/
Phew.. much to do :)
Regards,
Adrian