[Owasp-leaders] OWASP Consumer Reports Project

Rogan Dawes rogan at dawes.za.net
Mon Apr 12 09:40:02 EDT 2010


On 2010/04/12 3:16 PM, McGovern, James F. (P+C Technology) wrote:

> Criteria would include things like knowing they are running
> the latest patch version of web server software, dns zone transfer,
> basic input validation and other things that are observable as a smart
> security consumer. At no time, would we scan a site without permission.
> 
> Thoughts?

How do you intend to test "basic input validation" without scanning the
site?

Ask Dan about how little you need to do to be considered to be hacking.

Rogan


More information about the OWASP-Leaders mailing list