[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [WEB SECURITY] definition of "web application security"?

--_000_597B3FFEC7A0EA4BAFD27B7E8FC67E9B14046512B9EX2HSSMAINORG_
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable

Joe,



I might expand the assets being defended to all of the organization's netwo=
rked information and information systems. A successful web application brea=
ch can be used to attack other networked assets. So, perhaps...



"Web Application Security is safeguarding web applications in order to prot=
ect the organization's information and information systems, to ensure custo=
mer confidence by protecting customer data, and to protect the organization=
's reputation."



I know this is not complete, but it is executive friendly.



Dan Aiken, CISSP, GSEC, GSNA
Corporate Compliance Director
Information Security Officer and Privacy Officer
Hospital for Special Surgery
535 East 70th Street
New York, NY  10021
Ofc: (212) 774-2569
Fax: (212) 774-2161
aikend@hss.edu

"Two people can keep a secret, but only if one of them is dead."
Ben Franklin

The opinions expressed in this message are the author's own and not necessa=
rily those of Hospital for Special Surgery.





-----Original Message-----
From: feedyourhead@gmail.com [mailto:feedyourhead@gmail.com] On Behalf Of J=
oe White
Sent: Friday, August 22, 2008 4:59 PM
To: WASC Forum
Subject: [WEB SECURITY] definition of "web application security"?



Assuming "web application security" is actually a definable term =3D) , I a=
m hoping for some help wordsmith-ing a quick one sentence (executive friend=
ly) definition for web application security.



here is what i have so far:



Web Application Security is defined as protecting web application assets in=
 order to ensure user confidence by maintaining the integrity of customer d=
ata and defending the company name.



too wordy?  any thoughts?



thanks,

joe



<<<>>>


--_000_597B3FFEC7A0EA4BAFD27B7E8FC67E9B14046512B9EX2HSSMAINORG_
Content-Type: text/html; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable

<html>
<head>
<meta http-equiv=3D"Content-Type" content=3D"text/html; charset=3Dus-ascii"=
>
<meta name=3D"Generator" content=3D"Microsoft Word 10 (filtered)">
<style>
<!--
 /* Font Definitions */
 @font-face
	{font-family:Tahoma;
	panose-1:2 11 6 4 3 5 4 4 2 4;}
 /* Style Definitions */
 p.MsoNormal, li.MsoNormal, div.MsoNormal
	{margin:0in;
	margin-bottom:.0001pt;
	font-size:12.0pt;
	font-family:"Times New Roman";}
a:link, span.MsoHyperlink
	{color:blue;
	text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
	{color:blue;
	text-decoration:underline;}
span.EmailStyle18
	{font-family:Arial;
	color:navy;}
@page Section1
	{size:8.5in 11.0in;
	margin:1.0in 1.25in 1.0in 1.25in;}
div.Section1
	{page:Section1;}
-->
</style>
</head>
<body lang=3D"EN-US" link=3D"blue" vlink=3D"blue">
<div class=3D"Section1">
<p class=3D"MsoNormal"><font size=3D"2" color=3D"navy" face=3D"Arial"><span=
 style=3D"font-size:
10.0pt;font-family:Arial;color:navy">Joe,</span></font></p>
<p class=3D"MsoNormal"><font size=3D"2" color=3D"navy" face=3D"Arial"><span=
 style=3D"font-size:
10.0pt;font-family:Arial;color:navy">&nbsp;</span></font></p>
<p class=3D"MsoNormal"><font size=3D"2" color=3D"navy" face=3D"Arial"><span=
 style=3D"font-size:
10.0pt;font-family:Arial;color:navy">I might expand the assets being defend=
ed to all of the organization&#8217;s networked information and information=
 systems. A successful web
 application breach can be used to attack other networked assets. So, perha=
ps&#8230;</span></font></p>
<p class=3D"MsoNormal"><font size=3D"2" color=3D"navy" face=3D"Arial"><span=
 style=3D"font-size:
10.0pt;font-family:Arial;color:navy">&nbsp;</span></font></p>
<p class=3D"MsoNormal"><font size=3D"2" color=3D"navy" face=3D"Arial"><span=
 style=3D"font-size:
10.0pt;font-family:Arial;color:navy">&#8220;Web Application Security is saf=
eguarding web applications in order to protect the organization&#8217;s inf=
ormation and information systems,
 to ensure customer confidence by protecting customer data, and to protect =
the organization&#8217;s reputation.&#8221;</span></font></p>
<p class=3D"MsoNormal"><font size=3D"2" color=3D"navy" face=3D"Arial"><span=
 style=3D"font-size:
10.0pt;font-family:Arial;color:navy">&nbsp;</span></font></p>
<p class=3D"MsoNormal"><font size=3D"2" color=3D"navy" face=3D"Arial"><span=
 style=3D"font-size:
10.0pt;font-family:Arial;color:navy">I know this is not complete, but it is=
 executive friendly.</span></font></p>
<p class=3D"MsoNormal"><font size=3D"2" color=3D"navy" face=3D"Arial"><span=
 style=3D"font-size:
10.0pt;font-family:Arial;color:navy">&nbsp;</span></font></p>
<div>
<div>
<div>
<p class=3D"MsoNormal"><font size=3D"2" color=3D"navy" face=3D"Arial"><span=
 style=3D"font-size:
10.0pt;font-family:Arial;color:navy">Dan Aiken, CISSP, GSEC, GSNA<br>
Corporate Compliance Director</span></font><font color=3D"navy"><span style=
=3D"color:navy"><br>
</span></font><font size=3D"2" color=3D"navy" face=3D"Arial"><span style=3D=
"font-size:10.0pt;
font-family:Arial;color:navy">Information Security Officer and Privacy Offi=
cer</span></font><font color=3D"navy"><span style=3D"color:navy"><br>
</span></font><font size=3D"2" color=3D"navy" face=3D"Arial"><span style=3D=
"font-size:10.0pt;
font-family:Arial;color:navy">Hospital for Special Surgery</span></font><fo=
nt color=3D"navy"><span style=3D"color:navy"><br>
</span></font><font size=3D"2" color=3D"navy" face=3D"Arial"><span style=3D=
"font-size:10.0pt;
  font-family:Arial;color:navy">535 East 70th Street</span></font><font col=
or=3D"navy"><span style=3D"color:navy"><br>
</span></font><font size=3D"2" color=3D"navy" face=3D"Arial"><span style=3D=
"font-size:10.0pt;
  font-family:Arial;color:navy">New York</span></font><font size=3D"2" colo=
r=3D"navy" face=3D"Arial"><span style=3D"font-size:10.0pt;font-family:Arial=
;color:navy">,
</span></font><font size=3D"2" color=3D"navy" face=3D"Arial"><span style=3D=
"font-size:10.0pt;font-family:Arial;
  color:navy">NY</span></font><font size=3D"2" color=3D"navy" face=3D"Arial=
"><span style=3D"font-size:10.0pt;font-family:Arial;color:navy">&nbsp;
</span></font><font size=3D"2" color=3D"navy" face=3D"Arial"><span style=3D=
"font-size:10.0pt;font-family:Arial;
  color:navy">10021</span></font><font color=3D"navy"><span style=3D"color:=
navy"><br>
</span></font><font size=3D"2" color=3D"navy" face=3D"Arial"><span style=3D=
"font-size:10.0pt;
font-family:Arial;color:navy">Ofc: (212) 774-2569<br>
Fax: (212) 774-2161<br>
aikend@hss.edu</span></font></p>
<p class=3D"MsoNormal"><font size=3D"2" color=3D"navy" face=3D"Arial"><span=
 style=3D"font-size:
10.0pt;font-family:Arial;color:navy">&quot;Two people can keep a secret, bu=
t only if one of them is dead.&quot;<br>
Ben Franklin<br>
</span></font><font color=3D"navy"><span style=3D"color:navy"><br>
</span></font><font size=3D"2" color=3D"navy" face=3D"Arial"><span style=3D=
"font-size:10.0pt;
font-family:Arial;color:navy">The opinions expressed in this message are th=
e author's own and not necessarily those of Hospital for Special Surgery.</=
span></font></p>
<p class=3D"MsoNormal"><font size=3D"3" color=3D"navy" face=3D"Times New Ro=
man"><span style=3D"font-size:12.0pt;color:navy">&nbsp;</span></font></p>
</div>
</div>
</div>
<p class=3D"MsoNormal"><font size=3D"2" color=3D"navy" face=3D"Arial"><span=
 style=3D"font-size:
10.0pt;font-family:Arial;color:navy">&nbsp;</span></font></p>
<p class=3D"MsoNormal" style=3D"margin-left:.5in"><font size=3D"2" face=3D"=
Tahoma"><span style=3D"font-size:10.0pt;font-family:Tahoma">-----Original M=
essage-----<br>
<b><span style=3D"font-weight:bold">From:</span></b> feedyourhead@gmail.com=
 [mailto:feedyourhead@gmail.com]
<b><span style=3D"font-weight:bold">On Behalf Of </span></b>Joe White<br>
<b><span style=3D"font-weight:bold">Sent:</span></b> </span></font><font si=
ze=3D"2" face=3D"Tahoma"><span style=3D"font-size:10.0pt;font-family:Tahoma=
">Friday, August 22, 2008</span></font><font size=3D"2" face=3D"Tahoma"><sp=
an style=3D"font-size:10.0pt;
font-family:Tahoma">
</span></font><font size=3D"2" face=3D"Tahoma"><span style=3D"font-size:10.=
0pt;font-family:Tahoma">4:59 PM</span></font><font size=3D"2" face=3D"Tahom=
a"><span style=3D"font-size:10.0pt;font-family:Tahoma"><br>
<b><span style=3D"font-weight:bold">To:</span></b> WASC Forum<br>
<b><span style=3D"font-weight:bold">Subject:</span></b> [WEB SECURITY] defi=
nition of &quot;web application security&quot;?</span></font></p>
<p class=3D"MsoNormal" style=3D"margin-left:.5in"><font size=3D"3" face=3D"=
Times New Roman"><span style=3D"font-size:12.0pt">&nbsp;</span></font></p>
<div>
<p class=3D"MsoNormal" style=3D"margin-left:.5in"><font size=3D"3" face=3D"=
Times New Roman"><span style=3D"font-size:12.0pt">Assuming &quot;<span clas=
s=3D"apple-style-span"><span style=3D"-webkit-border-horizontal-spacing: 2p=
x;-webkit-border-vertical-spacing: 2px">web application
 security&quot; is actually a definable term =3D) , <span style=3D"-webkit-=
border-horizontal-spacing: 0px;-webkit-border-vertical-spacing: 0px">
I am hoping for some help wordsmith-ing a quick one sentence (executive fri=
endly)&nbsp;definition&nbsp;for web application security.</span></span></sp=
an></span></font></p>
<div>
<div>
<p class=3D"MsoNormal" style=3D"margin-left:.5in"><font size=3D"3" face=3D"=
Times New Roman"><span style=3D"font-size:12.0pt">&nbsp;</span></font></p>
</div>
<div>
<p class=3D"MsoNormal" style=3D"margin-left:.5in"><font size=3D"3" face=3D"=
Times New Roman"><span style=3D"font-size:12.0pt">here is what i have so fa=
r:</span></font></p>
</div>
<div>
<p class=3D"MsoNormal" style=3D"margin-left:.5in"><font size=3D"3" face=3D"=
Times New Roman"><span style=3D"font-size:12.0pt">&nbsp;</span></font></p>
</div>
<blockquote style=3D"border:none;border-left:solid #CCCCCC 1.0pt;padding:0i=
n 0in 0in 6.0pt;
margin-left:4.8pt;margin-right:0in">
<p class=3D"MsoNormal" style=3D"margin-left:.5in"><font size=3D"3" face=3D"=
Times New Roman"><span style=3D"font-size:12.0pt">Web Application Security =
is defined as protecting web application assets in order to ensure user con=
fidence by maintaining the integrity of customer
 data and defending the company name.</span></font></p>
</blockquote>
<div>
<p class=3D"MsoNormal" style=3D"margin-left:.5in"><font size=3D"3" face=3D"=
Times New Roman"><span style=3D"font-size:12.0pt">&nbsp;</span></font></p>
</div>
<div>
<p class=3D"MsoNormal" style=3D"margin-left:.5in"><font size=3D"3" face=3D"=
Times New Roman"><span style=3D"font-size:12.0pt">too wordy? &nbsp;any thou=
ghts?</span></font></p>
</div>
<div>
<p class=3D"MsoNormal" style=3D"margin-left:.5in"><font size=3D"3" face=3D"=
Times New Roman"><span style=3D"font-size:12.0pt">&nbsp;</span></font></p>
</div>
<div>
<p class=3D"MsoNormal" style=3D"margin-left:.5in"><font size=3D"3" face=3D"=
Times New Roman"><span style=3D"font-size:12.0pt">thanks,</span></font></p>
</div>
<div>
<p class=3D"MsoNormal" style=3D"margin-left:.5in"><font size=3D"3" face=3D"=
Times New Roman"><span style=3D"font-size:12.0pt">joe</span></font></p>
</div>
<div>
<p class=3D"MsoNormal" style=3D"margin-left:.5in"><font size=3D"3" face=3D"=
Times New Roman"><span style=3D"font-size:12.0pt">&nbsp;</span></font></p>
</div>
<div>
<p class=3D"MsoNormal" style=3D"margin-left:.5in"><font size=3D"3" face=3D"=
Times New Roman"><span style=3D"font-size:12.0pt">&lt;&lt;&lt;&gt;&gt;&gt;<=
/span></font></p>
</div>
</div>
</div>
</div>
</body>
</html>

--_000_597B3FFEC7A0EA4BAFD27B7E8FC67E9B14046512B9EX2HSSMAINORG_--
Brought to you by http://www.webappsec.org
Search this site