Tuesday, July 01, 2008
Links for 2008-07-01
The OWASP Application Security Desk Reference Project produced a helpful basic reference material when performing such activities as threat modeling, security architecture review, security testing, code review, and metrics. It will be launched in August 1st 2008.You can download the draft (965 pages, in PDF format) or you can download them per section (there are a lot of them) that suits your interests. I hope that Bex Huff and Robert McIlree give it a thorough read before commenting.
Some believe that that is the motivation around outsourcing to India.
Mike Kavis asks why other bloggers aren't talking about SOA security. I wonder if he has ever bothered to check out Gunnar Peterson or even OWASP and his local chapter. The funny thing is that many mistake security features such as WS-* from security. For the record, while I haven't blogged about these topics in a minute, I will be speaking publicly at IT Security World in San Franciso in September and in NYC in December. Likewise, this is also a topic at the OWASP AppSec Conference in NYC as well...
Links to this post: