[Owasp-webcert] OWASP Evaluation and Certification Criteria

Brian Chess brian at fortifysoftware.com
Fri Aug 10 11:10:09 EDT 2007


Curphey > I certainly see your point but isn¹t there a separation between
the security  of the application and the functionality of the business
itself?

My point is that we cannot anticipate all of the properties an application
might need in order to meet reasonable security requirements.  Above and
beyond the set that applies to many applications, additional requirements
may stem from the functionality of the application, the business the
application serves, or the technology the application is built upon.

Brian


-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-webcert/attachments/20070810/787fe258/attachment.html 


More information about the Owasp-webcert mailing list