[OWASP-TESTING] Re: Testing Guide Security Code Review section (Draft)

Daniel Daniel at deeper.co.za
Tue Mar 2 14:15:23 EST 2004


Juan.. can you kick your mail server and re-attach the attachment

"This e-Mail had an attachment that was removed in order to meet GE 
Security guidelines."

:-)


On 2 Mar 2004, at 17:36, Calderon, Juan Carlos ((GE Commercial Finance, 
NonGE)) wrote:

>
>
> Hi all
>
> Here is my first draft, I have some questions, though. that's why I'm
> not sending my definitive outline (some sections could disappear)
>
> 1 are we making the scope table and the advantages/disadvantages 
> tables?
> how are they going to be defined?
> 2 I, in the white box testing section I recommend "issue tracking" and
> "put in action what you've learned", but it is not supposed to have 
> them
> for all testing methods? IMHO it is not a section specific issue but
> part of the testing framework.
>
> What do you think?
>
> please provide feedback,
>
> JC
>
>
> PS I tried to write Web application sensitive points in a 
> why/what/where
> form (when applicable) without implicitly writing those words.
> [Filename: Security Code Review testing guide (Part 1).ZIP, 
> Content-Type: application/octet-stream]
> This e-Mail had an attachment that was removed in order to meet GE 
> Security guidelines.
> <smime.p7s>





More information about the Owasp-testing mailing list