M32 Security » consortium http://m32consulting.com Network Security Info, News, and Resources Sun, 22 Jan 2012 23:37:02 +0000 en hourly 1 WASC Threat Classification 2.0 Publishedhttp://m32consulting.com/2010/01/wasc-threat-classification-2-0-published/?utm_source=rss&utm_medium=rss&utm_campaign=wasc-threat-classification-2-0-published http://m32consulting.com/2010/01/wasc-threat-classification-2-0-published/#comments Sun, 03 Jan 2010 01:24:08 +0000 Kyle http://m32consulting.com/?p=59 The The Web Application Security Consortium Threat Classification version 2.0 has been published. It is a document that attempts to classify common web application vulnerabilities and attacks so they can be referred to with a WASC (v2.0) number to keep documentation uniform across the industry; akin to how HTTP status codes are referenced. This vastly simplifies auditing of web application security audit reporting; creating a simple way of referencing attacks and weaknesses. This update adds many new useful features and fills-in missing attack types and weaknesses associated with them.

The post over at cgisecurity.com explains WASC v2 in more detail.

WASC Threat Classification 2.0 Project Site

Tags: , , , , ,
]]> http://m32consulting.com/2010/01/wasc-threat-classification-2-0-published/feed/ 0