[Owasp-delhi] Issues

suresh tiwary sureshtiwary at rediffmail.com
Sat May 9 07:19:56 EDT 2009


hi OWASP Delhi,



For all i have been thinking to discuss an important issue:



There are so many IT companies developing web applications, but are all these web application tested (audit or pen test) ? how do the companies go about ? What should be ratio of security testers to developers in a company ? 



Is The Browser Cache issue mapped to "Broken Access Control" or "Broken Authentication and Session management" . Please clarify.



Also how to try Command injection in a website for testing. Any cheat sheet ?



Thanks & regards,

Suresh.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-delhi/attachments/20090509/112ea429/attachment.html 


More information about the Owasp-delhi mailing list