[OWASP-GUIDE] RE: OWASP Guides To Secure Web Applications and Ten Most Critical Web Application Security Vulnerabilities
Andrew van der Stock
vanderaj at greebo.net
Fri May 21 22:19:39 EDT 2004
These are good points in the review. I take it that the review applies to
the OWASP Guide 1.1.1, and the OWASP Top 10 2004?
I am revising the session management chapter to take in the webappsec
discussion from a little while ago, and I'll make sure it takes into account
this review's issues with session management.
From: owasp-guide-admin at lists.sourceforge.net
[mailto:owasp-guide-admin at lists.sourceforge.net] On Behalf Of Mark Curphey
Sent: Saturday, 22 May 2004 6:31 AM
To: 'Jim Webb'; owasp-leaders at lists.sourceforge.net;
owasp-guide at lists.sourceforge.net
Cc: 'Liam Barry'
Subject: [OWASP-GUIDE] RE: OWASP Guides To Secure Web Applications and Ten
Most Critical Web Application Security Vulnerabilities
Thank you. Well will review and ensure these suggestions are considered in
the next releases of these documents.
From: Jim Webb [mailto:jim.webb at gov.ab.ca]
Sent: Friday, May 21, 2004 4:23 PM
To: owasp at owasp.org
Cc: Liam Barry
Subject: OWASP Guides To Secure Web Applications and Ten Most Critical Web
Application Security Vulnerabilities
Dear OWASP Team,
The Government of Alberta (GoA) commends the OWASP team on their:
* Guide To Secure Web Applications and
* Ten Most Critical Web Application Security Vulnerabilities.
The GoA endorses both documents as best practices worthy of adherence and
intends to reference them in a Web Application Development Best Practices
guide that we are currently developing. Our review of the QWASP guides has
identified a few anomalies from the GoA's standards that application
developers must take into consideration when developing Web applications for
the GoA. We would also recommend the OWASP team consider incorporating these
anomalies, where possible, when next updating the OWASP guidelines.
A copy of the GoA review is attached for OWASP consideration. Should you
have any questions or comments, please get back to me. Acknowledgement of
your receipt of this message would also be appreciated.
Once again, congratulations on a job well done.
James B. Webb
Manager, Standards Management and Liaison
Enterprise Architecture and Standards Division
Alberta Innovation & Science
ph 780-422-1776 cl 913-2303 fx 780-427-0238 em jim.webb at gov.ab.ca
This communication is intended for the use of the recipient to which it is
addressed, and may contain confidential, personal and or privileged
information. Please contact us immediately if you are not the intended
recipient of this communication, and do not copy, distribute, or take action
relying on it. Any communication received in error, or subsequent reply,
should be deleted or destroyed.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Owasp-guide