Description: This talk was given by Matteo Meucci at FOSDEM 2009. The speech goal is to show the OWASP testing methodology and how you can implement a software development lifecycle that permit to develop more secure applications.
The Open Web Application Security Project (OWASP) wants to deliver free tools and documentation for the Web Application Security. The talk will present the new OWASP Testing Guide v3 that includes a "best practice" penetration testing framework which users can implement in their own organizations and a "low level" penetration testing guide that describes techniques for testing most common web application and web service security issues. OWASP Testing Guide v3 is a 349 page book; we have split the set of active tests in 9 sub-categories for a total of 66 controls to test during the Web Application Testing activity.
Tags: basics ,
Disclaimer: We are a infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be same without verifying.