
Legislative summary
ISO 17799 is the commonly accepted international standard for information security management. As a standard (as opposed to a mandate or requirement), ISO 17799 neither lists specific steps nor gives specific methods for implementation. Instead, it offers a guideline as to which policies and procedures you should consider when implementing a secure web application. Use the ISO 17799 policy as a baseline in crafting a compliance policy to meet the needs of your organization and its security policy.
HP Application Security Center capabilities
- Assess your web applications for vulnerabilities that may result in the disclosure of sensitive or private information
- Verify that web application access to sensitive information is controlled by authentication and authorization
- Identify web application command injection vulnerabilities that may execute malicious code or programs
- Check that data communication is encrypted
- Check for vulnerability to denial of service attacks
- Get detailed security assessment reports categorized by ISO 17799 sections

PLEASE NOTE: This information is provided for informational purposes only. You should not rely on, take or fail to take any action based upon the enclosed information. The information on this Site is provided with the understanding that the authors and publishers are not herein engaged in rendering legal, accounting, tax, or other professional advice and services. As such, it should not be used as a substitute for consultation with professional accounting, tax, legal or other competent advisers. Future legislative amendments and/or your company's special circumstances may necessitate significant revisions to this information. Given the changing nature of laws, rules and regulations, and the inherent hazards of electronic communication, there may be delays, omissions or inaccuracies in information contained in this site and in HP software.