Web Application Security Testing Methodology
Web Application Security Testing Methodology
FairCo's Web Application Security Testing Methodologies are derived from the Open Web Application Security Project ("OWASP"). OWASP is rapidly becoming the industry accepted standard for Web Application Security and provides detailed documentation for both the testing and the building of secure Web Applications.
OWASP derived methodologies offer many benefits over proprietary methodologies. One of the
primary benefits of OWASP standards is that they are under constant peer-review. Not only does
this peer-review prevent OWASP from becoming stale like many proprietary methodologies, but it
also ensures that OWASP standards stays current with international best practices, laws and
regulations.
Another important benefit of following the OWASP standards is that they enable FairCo to focus on exactly what needs to be tested to ensure the required levels of security. This granular approach enables FairCo's Web Application Security Testing Methodologies to partially derive standards from the Open Source Security Testing Methodology Manual ("OSSTMM") which is authored by the Institute For Security and Open Methodologies ("ISECOM"). OSSTMM is quickly gaining recognition as the de facto standard for security testing throughout the greater part of the security community.