Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Midude2000
Newcomer II
‎07-11-2022 12:44 PM
‎07-11-2022 12:44 PM

Web Application Vulnerability Program Audit

Hello:
I need to plan for a risk based audit around web application vulnerability management. I am looking for guidance on where to find some examples of RCMs (risk and control matrices) related such an audit

any sanitized examples of RCMs, audit programs will be great.

Reply
0 Kudos
1 Reply
Steve-Wilme
Advocate II
‎07-13-2022 09:24 AM
‎07-13-2022 09:24 AM

Probably best to start with the OWASP cheat sheets, as they include details of vulnerabilities and ways to address them.  Then you could also look at the CWE list.

 

-----------------------------------------------------------
Steve Wilme CISSP-ISSAP, ISSMP MCIIS
Reply
0 Kudos