[Owasp-appsensor-project] Additional Detection Points - Change To Application's Rating By A Third Party

Michael Coates michael.coates at owasp.org
Thu Jun 10 19:09:47 EDT 2010

I'm not sure I completely understand this one.  How would SSL 
configuration testing be tied to a malicious user?  For your specific 
example of RSS feeds, it may be tough to reliably determine if this was 
a user initiated malicious action or just a software bug.

Michael Coates

On 6/9/10 7:13 PM, John Melton wrote:
> think this is a good idea, but again, don't think it falls under 
> application intrusion detection - a 3rd party is doing the detection, 
> then there may be a mechanism to use that data to make decisions.  
> These ideas are good enough to certainly be used, but I don't 
> understand their classification as part of a app intr det. system.
> On Wed, Jun 9, 2010 at 10:30 AM, Colin Watson <colin.watson at owasp.org 
> <mailto:colin.watson at owasp.org>> wrote:
>     Suggestion to add a new detection point.  Has this already been ruled
>     out?  Should it be added?  Is the description/categorization suitable?
>     Source
>     -----------------------------------
>     Just another idea
>     Description
>     -----------------------------------
>     The reputation (classification, score, etc) of the application (or its
>     servers) is changed by free or subscribed third party remote
>     monitoring/testing services (e.g. malware detection, phishing site
>     detection, uptime monitoring, reputation monitoring, spam and botnet
>     lists, SSL configuration testing, HTML, CSS, RSS and XML validators,
>     vulnerability scanners, penetration testing, DNS address, etc).  For
>     example, syntax errors are found in an application's user comments RSS
>     feed which may have been caused by incorrect output encoding.
>     Suggested categorization
>     -----------------------------------
>     In the suggested new category "Reputation" (see RP1 Suspicious
>     User IP Address)
>     RP4 Change To Application's Rating By A Third Party
>     _______________________________________________
>     Owasp-appsensor-project mailing list
>     Owasp-appsensor-project at lists.owasp.org
>     <mailto:Owasp-appsensor-project at lists.owasp.org>
>     https://lists.owasp.org/mailman/listinfo/owasp-appsensor-project
> _______________________________________________
> Owasp-appsensor-project mailing list
> Owasp-appsensor-project at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-appsensor-project
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-appsensor-project/attachments/20100610/59312598/attachment-0001.html 

More information about the Owasp-appsensor-project mailing list