Industry-Leading Security Experts Join Forces to Establish
Web Application Security Consortium (WASC)
SAN FRANCISCO, Calif. -- February 23, 2004
– Top web applications security experts today announced the
formation of the Web Application Security Consortium (WASC), a group
dedicated to developing and promoting “security standards
of best practice” for the World Wide Web. Rising to meet the
growing challenges of web security, WASC through a collaborative
effort will focus on assisting developers, security professionals
and software vendors. Charter members of WASC include Application
Security, KaVaDo, Sanctum, SPI Dynamics, Inc. and WhiteHat Security.
"The need for consistent technical terminology for web related
security issues has a significant impact on risk assessment and
remediation activities," said Pete Lindstrom, research director
for Spire Security. "Establishing a standard approach for identifying
these issues, along with a common terminology that everyone can
adhere to, will help to thwart the increasing security risks associated
with web applications."
WASC has identified its primary objectives to best address the challenges
of developing security standards for the Web, which include:
- Identify the security risks to e-business and
privacy on the Web.
- Establish consistent technical terminology
relating to web security issues.
- Establish web application security standards
of best practice for secure software development, independent
security review and policy guidelines.
“To solve fundamental security issues, the
Web Application Security Consortium brings together leading talent
and experience from across the industry,” said Jeremiah Grossman,
spokesperson and co-founder of WASC. “WASC charter members
are excited to be a part of this initiative and are eager to begin
working on upcoming projects.”
WASC will announce its schedule for upcoming projects during the
first calendar quarter of 2004, and will welcome additional members
in the coming months.
About the Web Application Security Consortium
Founded in January 2004, the Web Application
Security Consortium (WASC) is a group of top security experts dedicated
to developing and promoting standards of best practice for the World
Wide Web. Through firsthand experience, WASC members understand
the risks of conducting business online and the challenges of securing
web sites against all conceivable threats. WASC will improve web
application security by assisting application developers, security
professionals and software vendors. Through a collaborative effort
with the community, WASC feels strongly that significant progress
can be made to enhance the overall security of the Web.
For more information, please visit the Web
Application Security Consortium homepage: