| To: | <pen-test@lists.securityfocus.com> |
|---|---|
| Subject: | SIFT Web Services Security Testing Framework |
| From: | "Daniel Grzelak" <daniel.grzelak@sift.com.au> |
| Date: | Mon, 13 Nov 2006 14:21:19 +1100 |
| Delivered-to: | sp-com-lists@consult.net |
| Delivered-to: | pentest-list2@consult.net |
| Delivered-to: | mailing list pen-test@securityfocus.com |
| Delivered-to: | moderator for pen-test@securityfocus.com |
| List-help: | <mailto:pen-test-help@securityfocus.com> |
| List-id: | <pen-test.list-id.securityfocus.com> |
| List-post: | <mailto:pen-test@securityfocus.com> |
| List-subscribe: | <mailto:pen-test-subscribe@securityfocus.com> |
| List-unsubscribe: | <mailto:pen-test-unsubscribe@securityfocus.com> |
| Mailing-list: | contact pen-test-help@securityfocus.com; run by ezmlm |
| Resent-date: | Mon, 13 Nov 2006 10:01:32 -0700 (MST) |
| Resent-from: | pen-test-return-1078482964@securityfocus.com |
| Resent-message-id: | <20061113170132.2D8A9165E05@outgoing2.securityfocus.com> |
| Resent-sender: | listbounce@securityfocus.com |
| Sender: | listbounce@securityfocus.com |
| Thread-index: | AccG0skCLk1EOppUQKyssQVWuD8WIw== |
SIFT has released a new Intelligence Report titled 'A Web Services Security Testing Framework'. The framework covers the entire web services security testing process incorporating detailed threat modelling, scoping and planning methodologies tailored specifically for web services applications. It also provides a structured approach to assessing the security of a web service through an application-level penetration test and aims to deliver a repeatable means for security assurance. A primary goal of this framework is to stimulate community interest and drive the further development and adoption of structured security assurance methodologies for web services. We welcome mailing list subscribers to review the paper and will endeavour to incorporate feedback in future versions of the framework. Please send feedback and suggestions to research@sift.com.au. The paper is available for download from the SIFT website: http://www.sift.com.au/36/175/a-web-services-security-testing-framework.htm ------------------------------------------------------------------------ This List Sponsored by: Cenzic Need to secure your web apps? Cenzic Hailstorm finds vulnerabilities fast. Click the link to buy it, try it or download Hailstorm for FREE. http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW ------------------------------------------------------------------------ |
| <Prev in Thread] | Current Thread | [Next in Thread> |
|---|---|---|
| ||
| Previous by Date: | Aestiva HTML/OS, any thoughts?, Philip Cox |
|---|---|
| Next by Date: | RE: DDOS Products, ankur jindal |
| Previous by Thread: | Aestiva HTML/OS, any thoughts?, Philip Cox |
| Next by Thread: | txdns 2.0.0: (free) Aggressive multithreaded DNS digger/brute-forcer, Arley Barros Leal |
| Indexes: | [Date] [Thread] [Top] [All Lists] |