WASC TC v2 - Improper Input Handling Section Completed
I lead the WASC Threat Classification v2 project and we've just completed a section that I felt deserved its own post. Prasad Shenoy along with the WASC TC peer review team authored a really great section on Improper Input Handling meant to describe each aspect of input handling with a medium level of detail. We've had a some great discussions about this software weakness, and found that input handling from a security point of view is rarely broken down at each phase. You can check out the WASC TCv2 working page to check out the current status of TC.
Only one section left!
Improper Input Handling: http://projects.webappsec.org/Improper-Input-Handling
Comments
You can follow this conversation by subscribing to the comment feed for this post.
All Comments are Moderated and will be delayed!
Post a comment