Threat Level: green Handler on Duty: Rick Wanner

SANS ISC: InfoSec Handlers Diary Blog - WASC Threat Classification v2 published InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

WASC Threat Classification v2 published

Published: 2010-01-04
Last Updated: 2010-01-04 03:00:03 UTC
by Toby Kohlenberg (Version: 1)
0 comment(s)

The WASC (Web Application Security Consortium) has just released the second version of their Threat Classification document. It contains a list of all the classes of attacks and weaknesses they have identified as being relevant to web applications. Personally, I like using it to supplement developer education materials but there are a number of ways you can use it (they suggest a few here: http://projects.webappsec.org/Using-the-Threat-Classification)

I wholeheartedly encourage y'all to check it out:

http://projects.webappsec.org/Threat-Classification

http://projects.webappsec.org/Threat-Classification-FAQ

Keywords:
0 comment(s)
Diary Archives