[Owasp-testing] New testing cases proposal for section: 4.3 Configuration and Deployment Management Testing

Jim Manico jim.manico at owasp.org
Thu Aug 10 16:05:07 UTC 2017


+100 Awesome!


On 8/9/17 3:10 PM, Tal Argoni wrote:
> Hi,
> I propose to add to version 5 new test cases based on OWASP Secure
> Headers Project:
> https://www.owasp.org/index.php/OWASP_Secure_Headers_Project
> What do you think?
> Response Headers: OTG test
>
> - HTTP Strict Transport Security (HSTS): OTG-CONFIG-007
>   <https://www.owasp.org/index.php/OWASP_Secure_Headers_Project#hsts>
>   <https://www.owasp.org/index.php/Test_HTTP_Strict_Transport_Security_%28OTG-CONFIG-007%29>
> - Public Key Pinning Extension for HTTP (HPKP): OTG-CONFIG-010
>   <https://www.owasp.org/index.php/OWASP_Secure_Headers_Project#hpkp>
> - X-Frame-Options: OTG-CONFIG-011
>   <https://www.owasp.org/index.php/OWASP_Secure_Headers_Project#xfo>
> - X-XSS-Protection: OTG-CONFIG-012
>   <https://www.owasp.org/index.php/OWASP_Secure_Headers_Project#xxxsp>
> - X-Content-Type-Options: OTG-CONFIG-013
>   <https://www.owasp.org/index.php/OWASP_Secure_Headers_Project#xcto>
> - Content-Security-Policy: OTG-CONFIG-014
>   <https://www.owasp.org/index.php/OWASP_Secure_Headers_Project#csp>
> - X-Permitted-Cross-Domain-Policies: OTG-CONFIG-015
>   <https://www.owasp.org/index.php/OWASP_Secure_Headers_Project#xpcdp>
> - Referrer-Policy: OTG-CONFIG-016
>   <https://www.owasp.org/index.php/OWASP_Secure_Headers_Project#rp>
>
> Cheers,
>
> Tal Argoni, Co-Founder & Senior Application Security Expert
> "Redefining Cyber Safety"
>
> Mobile, +972-58-778-1213
> eMail, Tal at triadsec.com
> Linkedin, https://www.linkedin.com/in/talargoni
> Website, www.triadsec.com
>
