[Owasp-alabama] old news, new news?

owasp-alabama at lists.owasp.org owasp-alabama at lists.owasp.org
Thu Feb 11 13:16:09 EST 2010


This actually brings up a good question. Currently, I'm used to doing
milestone based code reviews, then a dynamic assessment at the end of a
project before certifying it.
How do you guys interpret ASVS integrating into it?
Also, would ASVS be more or less time than what you do today?

-Brad Causey
CISSP, MCSE, C|EH, CIFI, CGSP

http://www.owasp.org
--
"Si vis pacem, para bellum"
--


On Thu, Feb 11, 2010 at 9:39 AM, <owasp-alabama at lists.owasp.org> wrote:

> Hey guys,
>
> Just thought I would pass on an owasp doc which some of you might enjoy.
>
> http://www.owasp.org/images/4/4e/OWASP_ASVS_2009_Web_App_Std_Release.pdf
>
> I think it will be interesting to walk clients down this certification path
> but wonder how much most clients will balk at the cost of implementing so
> much time to the assessment process.
>
> | Daniel Uriah Clemens
> | Packetninjas L.L.C | | http://www.packetninjas.net
> | c. 205.567.6850      | | o. 866.267.8851
> "Moments of sorrow are moments of sobriety"
>
>
>
>
>
>
>
>
>
>
>
> _______________________________________________
> Owasp-alabama mailing list
> Owasp-alabama at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-alabama
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-alabama/attachments/20100211/e1f1ede3/attachment.html 


More information about the Owasp-alabama mailing list