Dr. Drew Hwang, CIS, Cal Poly Pomona
Secure Web Development
The SANS Institute
The Web Application Security Consortium
(WASC) is an international organization consisting of experts, industry practitioners, and organizational representatives who produce open source and widely agreed upon best-practice security standards for the Web. WASC facilitates the exchange of ideas and organizes industry Projects, releases technical information, contributed articles, security guidelines, and other useful documentation.
The Web Hacking Incidents Database
(WHID): This is a WASC project dedicated to maintaining a list of web applications related security incidents and to serve as a tool for raising awareness of the web application security problem and providing the information for statistical analysis of web applications security incidents.
Web Security Threat Classification
: This classification project is a cooperative effort to clarify and organize the threats to the Website security.
Web Application Security Statistics
: This WASC project is an industry wide collection of application vulnerability statistics in order to identify the existence and proliferation of application security issues on enterprise websites.