Midude2000
Newcomer II

Web Application Vulnerability Program Audit

Hello:
I need to plan for a risk-based audit around web application vulnerability management. I am looking for guidance on where to find some examples of RCMs (risk and control matrices) related to such an audit.

Any sanitized examples of RCMs or audit programs will be great.

1 Reply
Steve-Wilme
Advocate II

Probably best to start with the OWASP cheat sheets, as they include details of vulnerabilities and ways to address them. Then you could also look at the CWE list.

 

-----------------------------------------------------------
Steve Wilme CISSP-ISSAP, ISSMP MCIIS