Tuesday, January 5, 2010

WASC Threat Classification v2.0 is Out!

"The Threat Classification is an effort to classify the weaknesses, and attacks that can lead to the compromise of a website, its data, or its users."

The WASC Threat Classification is a cooperative effort to clarify and organize the threats to the security of a web site. The members of the Web Application Security Consortium have created this project to develop and promote industry standard terminology for describing these issues. Application developers, security professionals, software vendors, and compliance auditors will have the ability to access a consistent language and definitions for web security related issues.

WASC Threat Classification v2.0 Online:

What's new in the Threat Classification v2:
* Expanded Mission Statement
* Clarified terminology
* Proper Classification of threats into Attacks and Weaknesses for static/core view
* Base foundation allowing for the introduction of views into future releases.


  1. I am curious what does subjection to any threats depend on? I have a website: and in this area security of customers' data is above all.

  2. Welcomes to google terminal from Austin Texas! google snake
    Amazing insight you have on this, Happy wheels it's nice to find a website that details so much information about different artists... Age of war 2 This article always blew me... Earn to die For how many times I have read this.
    slither io Hi! I’ve been reading your blog for a while slitherio it's nice to find a website that details so much big farm