in Uncategorized

WASC Announcement: ‘WASSEC Project’ Call for Participants

Anurag Agarwal has posted a WASC Announcement about the Web Application Security Evaluation Criteria (WASSEC) Project on the application security blog. This really appears to be a unique effort – as it is a set of guidelines to evaluate web application security scanners on their identification of web application vulnerabilities and their overall completeness. It aims to cover things like crawling, parsing, session handling, the types of vulnerabilities and the actual information about those vulnerabilities themselves.

The goal of this project is to evaluate the technical aspects of the web application security scanners and *not* focus simply on the features provided.

Read More: http://myappsecurity.blogspot.com/2007/08/wasc-announcement-wassec-project-call.html