|
This blog has moved! Please update your bookmarks to http://www.blog.modsecurity.org. |
« Going to Foo Camp Europe in August | Main | OSCOM4 Web Security Talks »
Posted by ivanr on July 28, 2004.
They've been very quiet for a number of months and now you know what they have been doing - working on the Threat Classification document. The goal of the document is to establish a common web security vocabulary in order to avoid confusion among developers. Problems are categorized in six classes: "Authentication, Authorization, Client-side Attacks, Command Execution, Information Disclosure, and Logical Attacks". There are 24 problem definitions in total.
Posted by ivanr at July 28, 2004 03:13 PM