Research page on Web Security Ratings and Disclosure Policies

Revision as of 07:28, 8 January 2010 by Dinis.cruz (Talk | contribs)

Project idea:

Create an OWASP project around:

see also How to Start an OWASP Project

Public Disclosure Policies (by Commercial websites)

  • PayPal Site Security Researchers
  • Facebook Report a Possible Security Vulnerability
  • Vulnerability Reporting Policy
  • Wesabe Contacting Security - We want to hear from you (GPG key)
  • Microsoft (link?)

Research Links

Questions to answer

Question: What types of vulnerability testing are implicitly allowed? (XSS, SQLi, XSRF)