×
  • Share
  • Email
  • Embed
  • Like
  • Save
  • Private Content
 

Get more from your Web VAPT

by on Aug 06, 2010

  • 1,984 views

Web Application Security is a priority for several organizations all over the world. Organizations hosting mission critical Web Applications look into Web Application Security is a key priority. One ...

Web Application Security is a priority for several organizations all over the world. Organizations hosting mission critical Web Applications look into Web Application Security is a key priority. One of the most important aspects of a strong Web Application Security program in an organization is the security testing of the web application.

Organizations primarily use Vulnerability Assessments and Penetration Tests (VAPT) as tests of security against the web application. VAPTs are widely recognized as effective security tests against an enterprise IT infrastructure. However, Web Application VAPT is radically different from Network or OS Level VAPT. Several organizations are unaware of the various intricacies of Web Application VAPTs, resulting in a situation where they accept poor quality tests from external vendors and internal security teams, lulling them into a false (and dangerous) sense of security.

This talk will provide a practical view of Web Application VAPTs and will explore the some of the key factors that organizational decision-makers should evaluate when evaluating Web Application VAPTs. I will discuss some of the metrics that organizations can use to analyze and interpret results of VAPTs and devise suitable remediation measures. I will also be exploring some of the benefits and limitations of a Web Application VAPT and how these factors are very different from a Network or OS level VAPT. This will be helpful to set expectations and have the ability to analyze the VAPT and its results from a better perspective.

I will also be briefly touching upon certain VAPT essentials for Internal Security teams and how they can add a great deal of value in an internal Web Application VAPT.

This talk is ideally meant for CIO/CTOs/CISOs, Information Security and Risk Professionals, Internal Penetration testers and any other professionals who would like to understand the subtleties of strong Web Application Security Testing for their organization.

Statistics

Views

Total Views
1,984
Views on SlideShare
1,564
Embed Views
420

Actions

Likes
1
Downloads
0
Comments
0

8 Embeds 420

http://www.we45.com 335
http://we45.com 33
http://secure-java.com 24
http://www.secure-java.com 19
http://www.slideshare.net 3
http://www.we45.in 3
http://we45.in 2
http://localhost 1
More...

Accessibility

Categories

Upload Details

Uploaded via SlideShare as Adobe PDF

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
Post Comment
Edit your comment

Get more from your Web VAPT Get more from your Web VAPT Presentation Transcript