[Owasp-delhi] Issues

suresh tiwary sureshtiwary at rediffmail.com
Sat May 9 07:19:56 EDT 2009

hi OWASP Delhi,

For all i have been thinking to discuss an important issue:

There are so many IT companies developing web applications, but are all these web application tested (audit or pen test) ? how do the companies go about ? What should be ratio of security testers to developers in a company ? 

Is The Browser Cache issue mapped to "Broken Access Control" or "Broken Authentication and Session management" . Please clarify.

Also how to try Command injection in a website for testing. Any cheat sheet ?

Thanks & regards,

-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-delhi/attachments/20090509/112ea429/attachment.html 

More information about the Owasp-delhi mailing list