[Owasp-bayarea] anyone got an app sec questionnaire webapp?

Arshad Noor arshad.noor at strongauth.com
Tue Jul 31 23:27:43 UTC 2012


You could also use Survey Monkey's free surveys (upto 10 questions)
to qualify the application; if it deserves more questions, then you
can sign up for their service.  Would be faster than building an app
for this, IMO.

Arshad Noor
StrongAuth, Inc.

On 07/31/2012 04:07 PM, travis+ml-owasp-bayarea at subspacefield.org wrote:
> So suppose you are in software security for a big organization.
>
> You have multiple apps coming in for review and need to decide which
> deserve attention, and how much, and in what areas.
>
> You'd normally have many questions you'd ask to decide how much
> attention it takes, some of which you don't need to ask, depending on
> the application - for example, a mobile app developed by third parties
> has different questions than an intranet app developed in-house.
>
> So, if you dump hundreds of questions on devs, they freak out and
> may not complete it.
>
> So in the interest of effort reduction, it seems like this could
> be an interactive, "wizard"-type questionnaire.
>
> Obviously, it could be relatively easy to implement as a web app that
> spits out a report, but isn't too intimidating for devs since it's
> interactive and smart about which questions it skips.
>
> So, is there anything like this out there?
>
> If not, is there anyone interested in doing it as an open-source
> application?  Seems like it should be pretty easy to knock out if
> you pick the right tools for the job.
>
>
>
> _______________________________________________
> Owasp-bayarea mailing list
> Owasp-bayarea at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-bayarea


More information about the Owasp-bayarea mailing list