Difference between revisions of "Research page on Web Security Ratings and Disclosure Policies"

From OWASP
Jump to: navigation, search
Line 17: Line 17:
 
* [http://www.salesforce.com/company/disclosure.jsp Salesforce.com] Vulnerability Reporting Policy
 
* [http://www.salesforce.com/company/disclosure.jsp Salesforce.com] Vulnerability Reporting Policy
 
* [https://www.wesabe.com/page/security-contact Wesabe] Contacting Security - We want to hear from you (security@wesabe.com, [https://www.wesabe.com/downloads/wesabe-public-key.asc GPG key]
 
* [https://www.wesabe.com/page/security-contact Wesabe] Contacting Security - We want to hear from you (security@wesabe.com, [https://www.wesabe.com/downloads/wesabe-public-key.asc GPG key]
* Microsoft (link?)
+
* [http://www.microsoft.com/security/msrc/report.aspx Microsoft] Report a Vulnerability
 
* [http://37signals.com/security-response 37signals] Security Response
 
* [http://37signals.com/security-response 37signals] Security Response
  

Revision as of 15:20, 8 January 2010

This article is a stub. You can help OWASP by expanding it or discussing it on its Talk page.


New OWASP Project details

see How to Start an OWASP Project

Project ideas & brainstorming:

Create an OWASP project around:

Other relevant OWASP projects

Research link

Public Disclosure Policies (by Commercial websites)

Other Links

Questions to answer

Question: What types of vulnerability testing is implicitly allowed? (XSS, SQLi,,XSRF)