WASC (Web Application Security Consortium) Threat Classification v.2.0

It is always good practice to understand the threats, vulnerabilities and bad actors that pose an increasing risk to your livelihood.  WASC has recently announced the release of the Threat Classification v2.0 to aid in cataloguing and understand the threats. This framework is an effort to classify the weaknesses and attacks that can lead to the compromise of a website, its data, or its users.  It’s primarily purpose is to serve as a reference guide for common attacks and weaknesses.

WASC Threat Classification v2.0 http://projects.webappsec.org/Threat-Classification
Using the Threat Classification http://projects.webappsec.org/Using-the-Threat-Classification
WASC Threat Classification FAQ http://projects.webappsec.org/Threat-Classification-FAQ
WASC Reference Identifier Grid http://projects.webappsec.org/Threat-Classification-Reference-Grid
Threat Classification Data Views http://projects.webappsec.org/Threat-Classification-Views
Advertisements