[Owasp-sydney] Greetings - OWASP Testing Guide v3

Christian Heinrich christian.heinrich at owasp.org
Mon Aug 16 18:15:17 EDT 2010


Paul,

As your interest is defensive coding I would recommend you consider
reviewing http://www.owasp.org/index.php/Category:OWASP_Enterprise_Security_API
- I mentioned ESAPI during kuza55 WAF presentation at the recent
Sydney Chapter Meeting.

You might also want to highlight http://www.opensamm.org/ (also an
OWASP Project) to your senior management to improve the success of
introducing a secure development culture within your organization -
OpenSAMM is also being presented at the AISA Sydney Branch Meeting on
6 October.

On Mon, Aug 16, 2010 at 12:13 PM, NG, Paul (GE Capital, Non-GE)
<paul.ng1 at ge.com> wrote:
> Dear Dan, Leann
> It's good to see such enthusiasm in web app security. I'm a web application
> developer myself and only until recently have gotten really interested in
> doing defensive coding against common web application security breaches.
>
> If you browse to links below, it has a PDF document for download and it very
> comprehensive and it does present some really 'real' things you can
> customize into your application security checklist & testcases that can be
> incorporated into the Web Software SDLC? Just this would help...
>
> http://www.owasp.org/index.php/Category:OWASP_Testing_Project

-- 
Regards,
Christian Heinrich - http://www.owasp.org/index.php/user:cmlh
OWASP "Google Hacking" Project Lead - http://sn.im/owasp_google_hacking


More information about the Owasp-sydney mailing list