Research page on Web Security Ratings and Disclosure Policies

From OWASP
Revision as of 07:14, 8 January 2010 by Dinis.cruz (Talk | contribs)

Jump to: navigation, search

Contents

Project idea:

Public Disclosure Policies (by Commercial websites)

  • Paypal Site Security Researchers
  • Facebook Report a Possible Security Vulnerability
  • Salesforce.com Vulnerability Reporting Policy
  • Wesabe Contacting Security - We want to hear from you
  • Microsoft (link?)

Research Links

Questions to answer

Question: What types of vulnerability testing is implicitly allowed? (XSS, SQLi,,XSRF)