Survey on Vuln Disclosure: Request for Participation

From: Richard Forno (rforno@infowarrior.org)
Date: Thu Jan 19 2006 - 10:08:34 EST

• Next message: Derick Anderson: "RE: PHP and MySQL"
• Previous message: AdamT: "Re: PHP and MySQL"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

(previously posted to Bugtraq and FD a few weeks ago as part of a
'staggered' announcement schedule.......rf)

Greetings, fellow Pentesters ---

As part of my doctoral studies, I am seeking community input regarding how
secrecy and openness can be balanced in the analysis and alerting of
security vulnerabilities to protect critical national infrastructures. To
answer this question, my thesis is investigating:

1. How vulnerabilities are analyzed, understood and managed throughout
the vulnerability lifecycle process.

2. The ways that the critical infrastructure security community interact
to exchange security-related information and the outcome of such
interactions to date.

3. The nature of and influences upon collaboration and
information-sharing within the critical infrastructure protection community,
particularly those handling internet security concerns.

4. The relationship between secrecy and openness in providing and
exchanging security-related information.

The survey is located at http://www.infowarrior.org/survey.html and should
take 10-15 minutes to complete. Participation is both voluntary and
anonymous. Thank you for your help with this endeavor, and for helping
distribute this request for participation to other interested parties/lists.

The survey will be online through early March.

Thanks again,

Rick
-infowarrior.org

------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner:

Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for vulnerabilities
to SQL injection, Cross site scripting and other web attacks before hackers do!
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------

• Next message: Derick Anderson: "RE: PHP and MySQL"
• Previous message: AdamT: "Re: PHP and MySQL"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:55:23 EDT