CLASP, Comprehensive Lightweight Application Security Process


While I was returning from a small business trip, I decided to read CLASP (Comprehensive Lightweight Application Security Process). I fired it up on my notebook and was really impressed, but I think lots of sections still need to be improved.

For example, "Vulnerability View - Range & Type Errors" doesn't include lots of web application vulnerabilities like CSRF (Cross-Site Request Forgery) and many others, the checklists are really limited, etc.

CLASP describes best practices for security processes for active applications or new ones. You should definitely check it out. You can download CLASP from Secure Software.

For more info or a fast start, check out the OWASP Wiki CLASP section and the CLASP presentation.
