Group Seeks to Secure Web Applications
Not too long ago, a subscriber to the www-mobile-code mailing list asked if a single centralized place focused on Web application security existed. After all, platforms such as Microsoft's .NET and Sun's SunOne are lauded as the future direction that applications will follow, and are steadily marching on toward their next phase of development. This request grew into a project known as OWASP when list moderator Mark Curphey, realizing the value of the idea, contacted security-minded colleagues.
A group of high-profile security heavyweights was soon assembled, including BugTraq's Elias Levy, Chris Wysopal (formerly of L0pht), noted author John Viega, Greg Hoglund, and Jeremiah Grossman. Together they hope that the Open Web Application Security Project will assist developers and security experts to test and secure their products. The group claims that although both Sun and Microsoft have taken great strides to provide a secure framework for their competing visions, it is still far too easy to program insecure and unmanaged applications.
Ziff Davis's eWeek has reported that a security audit performed at the request of Microsoft by Foundstone Inc. found .NET to be relatively secure overall. However, they had qualms over the potential of outside applications to interact unchecked with .NET applications to bypass security measures.
Some of these measures include code access security, the Passport Authentication system coupled with VeriSign technology in cases where additional security is required, and an expanded role for antivirus technologies.
WhiteHat Security's lead security expert and group co-founder, Jeremiah Grossman, told BetaNews, "The idea of OWASP is to bring together the cutting edge theory and information on web application security where it currently exists nowhere else."
Within the past several weeks, the group has released a plethora of security-related material to its Web site to meet that ideal, with much more content scheduled to be released.
The site is currently offering tutorials, information on methods of attack, tools, links, books, and other resources. As more and more Web applications emerge -- especially ones dealing with mission critical or private information -- it can be argued that the need for organizations such as OWASP will become unmistakably clear.