Hosting Provided By

Re: OpenHack and OWASP Testing Methodology

From: <jcosta(at)lendleaserei.com>
Date: Tue Dec 03 2002 - 14:22:46 EST

Has anyone been able to find the "hardened" Apache httpd.conf file that Eweek mentions is available for download?

|---------+---------------------------->

|         |           "David Endler"   |
|         |                          |
|         |                            |
|         |           12/03/2002 11:08 |
|         |           AM               |
|         |           Please respond to|
|         |           dendler          |
|         |                            |

|---------+---------------------------->

  >------------------------------------------------------------------------------------------------------------------------------|
  |                                                                                                                              |
  |       To:                                                                                       |
  |       cc:                                                                                                                    |
  |       Subject:  OpenHack and OWASP Testing Methodology                                                                       |
  >------------------------------------------------------------------------------------------------------------------------------|

As a followup to the eweek OpenHack thread, here's a brief article by the only winner. The article is interesting in that it gives insight into a webappsec tester's mindset and some of his methodology.

http://www.eweek.com/article2/0,3959,741368,00.asp

Speaking of methodology, the OWASP Testing Methodology is currently in peer review and will be released for comment later this month. Our aim is for this document to be used in a variety of ways, from security professionals looking to adopt an industry derived and proven methodology to web system owners looking to conduct tests themselves or seeking to ensure their consultants are comprehensively checking their applications.

-dave Received on Tue Dec 3 14:44:56 2002

This message: [ Message body ]
Next message: securityarchitect(at)hush.com: "RE: WebAppSec Training Courses in UK"
Previous message: David Endler: "OpenHack and OWASP Testing Methodology"
Maybe in reply to: David Endler: "OpenHack and OWASP Testing Methodology"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 14:07:45 EDT

Do you need help?