Using WHID to Assess Risk

Submitted by Ofer Shezaf on 22 December 2008 - 5:06pm
Share/Save

The web hacking incidents database provides a tool for assessing the risk in insecure web applications. Such risk analysis is important in order to make sure that resources are spent wisely when fixing or protecting web applications. The attached presentation discusses risk analysis for security of web applications, and addresses the role WHID can have in such an analysis.

The outline of the presentation is:

  • The challenge of risk analysis for web Application Security
  • The Web Hacking Incidents Database (WHID)
  • The state of web hacking in 2007 based on WHID statistics
  • New trends for 2008

You can view a video of this presentation taken at the OWASP NYC 2008 conference here.

Tags: 
Research
Risk Management
The Web Hacking Incident Database

Post new comment

More information about text formats

Full HTML

  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.

Filtered HTML

  • Web page addresses and e-mail addresses turn into links automatically.
  • Allowed HTML tags: <a> <em> <strong> <cite> <blockquote> <code> <ul> <ol> <li> <dl> <dt> <dd>
  • Lines and paragraphs break automatically.

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.