[OWASP-TESTING] Contribution to OWASP testing: Configuration Management (infrastructure and application)

Andrew van der Stock vanderaj at greebo.net
Wed Aug 17 20:46:56 EDT 2005


Yes - please review both the Guide and your content. I'm working on  
version 2.0.2 at the moment, but any changes or things we've missed  
should go into 2.1.

My view on the Guide vs Testing:

Guide - for solution designers, architects and developers. Positive -  
how to protect your application
Testing - for pen testers and auditors. Negative - what to look for  
and how to detect flaws in the tested application

YMMV

Does anyone have a consolidated copy of the Testing Guide somewhere?  
Ie is it in CVS?

thanks,
Andrew

On 04/08/2005, at 9:02 PM, Javier Fernandez-Sanguino wrote:
>
> In any case, reviewing the OWASP Guide, doesn't it overlap quite a  
> lot with the testing guide? People might want to review what the  
> sections in the Guide related to their sections currently speak of.
>




More information about the Owasp-testing mailing list