Here's a list of guidelines to help developers create more secure web applications. This info was based around the OWASP WASS project and the app sec STIG.
The general idea is to set the expectation on what gets audited during a web application security assessment and help developers code things up better the first time around...
http://sites.google.com/site/rwninsecurity/webappsec_dev_guide
Feedback/suggestions welcome!
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment