Industry-Leading Security Experts Join Forces to Establish Web Application Security Consortium (WASC)

SAN FRANCISCO, Calif. -- February 23, 2004 – Top web applications security experts today announced the formation of the Web Application Security Consortium (WASC), a group dedicated to developing and promoting “security standards of best practice” for the World Wide Web. Rising to meet the growing challenges of web security, WASC through a collaborative effort will focus on assisting developers, security professionals and software vendors. Charter members of WASC include Application Security, KaVaDo, Sanctum, SPI Dynamics, Inc. and WhiteHat Security.

"The need for consistent technical terminology for web related security issues has a significant impact on risk assessment and remediation activities," said Pete Lindstrom, research director for Spire Security. "Establishing a standard approach for identifying these issues, along with a common terminology that everyone can adhere to, will help to thwart the increasing security risks associated with web applications."

WASC has identified its primary objectives to best address the challenges of developing security standards for the Web, which include:

  1. Identify the security risks to e-business and privacy on the Web.
  2. Establish consistent technical terminology relating to web security issues.
  3. Establish web application security standards of best practice for secure software development, independent security review and policy guidelines.

“To solve fundamental security issues, the Web Application Security Consortium brings together leading talent and experience from across the industry,” said Jeremiah Grossman, spokesperson and co-founder of WASC. “WASC charter members are excited to be a part of this initiative and are eager to begin working on upcoming projects.”

WASC will announce its schedule for upcoming projects during the first calendar quarter of 2004, and will welcome additional members in the coming months.


About the Web Application Security Consortium

Founded in January 2004, the Web Application Security Consortium (WASC) is a group of top security experts dedicated to developing and promoting standards of best practice for the World Wide Web. Through firsthand experience, WASC members understand the risks of conducting business online and the challenges of securing web sites against all conceivable threats. WASC will improve web application security by assisting application developers, security professionals and software vendors. Through a collaborative effort with the community, WASC feels strongly that significant progress can be made to enhance the overall security of the Web.

For more information, please visit the Web Application Security Consortium homepage:
http://www.webappsec.org
.