HP Fortify Presentation

2011-06-15  张林 

Fortify Taxonomy: Software Security Errors
http://fortify.com/vulncat/
The Open Web Application Security Project (OWASP)

http://www.owasp.org/
http://code.google.com/p/webgoat/
WebGoat is a deliberately insecure J2EE web application designed to teach web application security lessons. In each lesson, users must demonstrate their understanding of a security issue by exploiting a real vulnerability in the WebGoat application. For example, in one of the lessons the user must use SQL injection to steal fake credit card numbers. The application is a realistic teaching environment, providing users with hints and code to further explain the lesson.

http://cwe.mitre.org/index.html

http://webstretch.sourceforge.net/

http://www.oschina.net/p/vega

http://www.oschina.net/p/watobo

http://www.80sec.com/

http://netsecurity.51cto.com/

http://www.80sec.com/pst-webzine

苗志伟  2011-06-15

We can set up a WebGoat Environment to improve more about defensive coding or testing consciousness. Is that what you're saying?


张林  2011-06-16

No, only FYI for security testing.

