Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



WebApp Sec: Re: Administrivia: Webappsec Vendor Directory

Re: Administrivia: Webappsec Vendor Directory

From: <bugtraq_at_cgisecurity.net>
Date: Wed, 9 Apr 2008 23:55:47 -0400 (EDT)

Full disclosure I don't work for a security vendor anymore, nor for a security services
company and my comments are mine alone.

> * Ask OWASP and WASC to re-publish the same list as a business
> directory on their respective web sites, but most likely that will not
> happen as OWASP is about vendor neutrality, and WASC is made up of
> many of the vendors mentioned so far.

I won't speak on OWASP's stance as I'm not as informed as you are about theirs, however regarding
your wasc comments I'm going to have to respond to *clarify* your comments about the group since
I've been asked in response to your email.

WASC is very neutral and is made up of vendors, enterprise people, government, developers, security
managers, QA, pen testers and other associated security persons. WASC is run by people of all these
backgrounds and no one company/person has more of a right to change group direction or agenda. This was
an issue many of us had which is why this was specified in our charter (on our website) upon WASC's
creation years ago.

WASC knows that many vendors have employee's who are the leading experts in their field and wants to
work with all *qualified* parties regardless of who they work for while ensuring material published
is neutral and agendaless. Some wasc material may link to vendor materials as we don't discriminate
against valid material/resources simply because of the person or group that authored it.

Regards,
- Robert
http://www.webappsec.org/
http://www.webappsec.org/aboutus.shtml

-------------------------------------------------------------------------
Sponsored by: Watchfire
Methodologies & Tools for Web Application Security Assessment
With the rapid rise in the number and types of security threats, web application security assessments should be considered a crucial phase in the development of any web application. What methodology should be followed? What tools can accelerate the assessment process? Download this Whitepaper today!

https://www.watchfire.com/securearea/whitepapers.aspx?id=70170000000940F
-------------------------------------------------------------------------
Received on Apr 10 2008

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]