[Owasp-leaders] Gov.uk: Cyber security guidance for business
fred.donovan at owasp.org
Mon Jan 19 18:33:33 UTC 2015
I do find high-level to be useful in some orgs.
Here are some security configuration guides from Fort Meade that were also
developed for public consumption: security_configuration_guides
just informational and some a bit outdated, but you'll notice in the SQLi
factsheet that OWASP is considered "well-respected". The
"Hardening_Deployed_WebApplications11182013.pdf" factsheet mentions using
the Top10 and Code Review guides.
Note: Any super-secret sophisticated backdoors/trojans/rootkits that are
installed upon download from the above link "so they can see everything"
would be unintended. ;)
On Mon, Jan 19, 2015 at 5:14 AM, psiinon <psiinon at gmail.com> wrote:
> Advice from GCHQ, BIS and CPNI.
> Please note that the gratuitous use of the 'cyber' word is from the web
> site and not added by me ;)
> My first impressions are that despite it being very high level this is
> still disappointingly light on web security :(
> OWASP ZAP <https://www.owasp.org/index.php/ZAP> Project leader
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the OWASP-Leaders