Thursday, September 25, 2008
OWASP Web Services Top Ten
I believe there are three action items for me upon hearing this most wonderful presentation.
1. On the long train ride back home, I need to compose all my thoughts on worst practices that I have came across within my travels and include even the ones that I have personally made. Hopefully, this will help provide additional guidance for others to develop secure web services.
2. We need to figure out that once this list is finalized, how vendors who produce web services as part of their product offering could immediately fix deficiencies in their products. For example, it would be wonderful if Craig Randall, Laurence Hart, Bex Huff and others within the ECM community were to be the first to embrace.
3. I also need to fail miserably and repeatedly in attempting to encourage industry analysts to dedicate a research report to aspects of developing secure web services. I will be pinging Gartner, Burton Group and Zapthink with others to follow..
Links to this post: