Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Web-App-Sec
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Administrivia: Webappsec Vendor Directory

from [bugtraq] Network Security [Permanent Link]
Subject: Re: Administrivia: Webappsec Vendor Directory
Date: Wed, 9 Apr 2008 23:55:47 -0400 (EDT) 
Full disclosure I don't work for a security vendor anymore, nor for a security 
services 
company and my comments are mine alone. 


* Ask OWASP and WASC to re-publish the same list as a business
directory on their respective web sites, but most likely that will not
happen as OWASP is about vendor neutrality, and WASC is made up of
many of the vendors mentioned so far.


I won't speak on OWASP's stance as I'm not as informed as you are about theirs, 
however regarding     
your wasc comments I'm going to have to respond to *clarify* your comments 
about the group since
I've been asked in response to your email.

WASC is very neutral and is made up of vendors, enterprise people, government, 
developers, security 
managers, QA, pen testers and other associated security persons. WASC is run by 
people of all these 
backgrounds and no one company/person has more of a right to change group 
direction or agenda. This was
an issue many of us had which is why this was specified in our charter (on our 
website) upon WASC's
creation years ago. 

WASC knows that many vendors have employee's who are the leading experts in 
their field and wants to 
work with all *qualified* parties regardless of who they work for while 
ensuring material published  
is neutral and agendaless. Some wasc material may link to vendor materials as 
we don't discriminate  
against valid material/resources simply because of the person or group that 
authored it. 


Regards,
- Robert
http://www.webappsec.org/
http://www.webappsec.org/aboutus.shtml



-------------------------------------------------------------------------
Sponsored by: Watchfire 
Methodologies & Tools for Web Application Security Assessment 
With the rapid rise in the number and types of security threats, web 
application security assessments should be considered a crucial phase in the 
development of any web application. What methodology should be followed? What 
tools can accelerate the assessment process? Download this Whitepaper today! 

https://www.watchfire.com/securearea/whitepapers.aspx?id=70170000000940F
-------------------------------------------------------------------------
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Top webapp pentesting vendors?, David Byrne
Next by Date:  EUSecWest CFP Closes April 14th (conf May 21/22 2008), Dragos Ruiu
Previous by Thread:  Administrivia: Webappsec Vendor Directory, Andrew van der Stock
Next by Thread:  Re: Top webappsec testing vendors?, Bill Stout
Indexes:  [Date] [Thread] [Top] [All Lists]