[35871] in bugtraq
WASC Releases Web Security Threat Classification
daemon@ATHENA.MIT.EDU (Jeremiah Grossman)
Wed Jul 28 13:44:22 2004
X-Qmail-Scanner-Mail-From: jeremiah@whitehatsec.com via mail.whitehatsec.com
Date: Wed, 28 Jul 2004 04:50:37 -0700
Mime-Version: 1.0 (Apple Message framework v553)
Content-Type: text/plain; charset=US-ASCII; format=flowed
From: Jeremiah Grossman <jeremiah@whitehatsec.com>
To: bugtraq@securityfocus.com
Content-Transfer-Encoding: 7bit
Message-Id: <578F85C4-E08C-11D8-83FB-000A9591DA56@whitehatsec.com>
Web Application Security Consortium Establishes Official Charter and
Delivers Web Security Threat Classification
Group Promotes Industry Standard Terminology of Web Security Threats
Web Application Security Consortium (WASC), a group dedicated to
developing and promoting "security standards of best practice" for the
World Wide Web, announced the completion of the WASC official Charter
and Web Security Threat Classification.
The Web Security Threat Classification is a cooperative effort to
clarify and organize the threats to the security of a Web site. The
members of the WASC created this project to develop and promote
industry standard terminology for describing these issues. With the
creation of the Web Security Threat Classification, application
developers, security professionals, software vendors and compliance
auditors have the ability to access a consistent language for Web
security related issues.
Our first release of the Threat Classification document is available
for download here:
http://www.webappsec.org/threat.html
Regards,
Jeremiah Grossman
WASC Spokesman
