sureshtiwary at rediffmail.com
Sat May 9 07:19:56 EDT 2009
hi OWASP Delhi,
For all i have been thinking to discuss an important issue:
There are so many IT companies developing web applications, but are all these web application tested (audit or pen test) ? how do the companies go about ? What should be ratio of security testers to developers in a company ?
Is The Browser Cache issue mapped to "Broken Access Control" or "Broken Authentication and Session management" . Please clarify.
Also how to try Command injection in a website for testing. Any cheat sheet ?
Thanks & regards,
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Owasp-delhi