« German sites close, as anti-hacking law arrives | Main | USA Today fun with XSS »

WASC Announcement: Web Application Security Scanner Evaluation Criteria Call for Participants

The Web Application Security Consortium is pleased to announce a new project " Web Application Security Scanner Evaluation Criteria (WASSEC)". Currently WASC is seeking volunteers from various sections of the community including penetration testers, scanner vendors, security researchers and also end users to contribute to the project.

A brief description of the project

The Web Application Security Evaluation Criteria is a set of guidelines to evaluate web application security scanners on their identification of web application vulnerabilities and its completeness. It will cover things like crawling, parsing, session handling, types of vulnerabilities and information about those vulnerabilities. The goal of this project is to evaluate the technical aspects of the web application security scanners and NOT the features provided by it.

The project page can be found at

If you would like to be involved with the project, please contact Anurag Agarwal (an





Project Page http://www.webappsec.org/projects/wassec/


Feed You can follow this conversation by subscribing to the comment feed for this post.

All Comments are Moderated and will be delayed!