ComputerWorld Australia: OASIS to Develop Common Security Language

"A new committee at the Organization for the Advancement of Structured Information Standards (OASIS) is laying the groundwork for a new classification system to describe Web security vulnerabilities.

"The OASIS Web Application Security (WAS) Technical Committee will be responsible for developing an XML (Extensible Markup Language) schema that describes Web security conditions and provides guidelines for classifying and rating the risk level of application vulnerabilities, according to a statement released by OASIS on Wednesday.

"The new committee is made up of representatives from a number of companies in the security space including Netcontinuum, Qualys, Sanctum and SPI Dynamics..."

Complete Story

Related Stories:

• internetnews.com: Open Source Group Issues Top Ten Web Vulnerabilities(Jan 14, 2003)
• LinuxSecurity.com: Security: Physical and Service, Apache [Parts 1 and 2](Nov 13, 2002)
• OWASP.org: A Guide to Building Secure Web Applications, Version 1.1(Sep 25, 2002)
• LinuxPlanet: Moving The Open Web Application Security Project Out Of The Shadows(Jul 24, 2002)