Difference between revisions of "Writing Reports: value the real risk"

Revision as of 18:24, 19 November 2006

OWASP Testing Guide v2 Table of Contents

In this Chapter is described how to value the real risk for the purposes of a security assessment. The idea is to create a general methodology to break down the security findings and evaluate the risks with the goal of prioritize and manage them. It is presented a table that can easly represent a snapshot of the assessment. This table represents the technical informations to deliver to the client, then it is important to present another executive summary fo the management.

5.1 How to value the real risk
5.2 How to write the report of the testing

OWASP Testing Guide v2

Here is the OWASP Testing Guide v2 Table of Contents

@@ Line 1: / Line 1: @@
 {{Template:OWASP Testing Guide v2}}
+In this Chapter is described how to value the real risk for the purposes of a security assessment. The idea is to create a general methodology to break down the security findings and evaluate the risks with the goal of prioritize and manage them.
+It is presented a table that can easly represent a snapshot of the assessment. This table represents the technical informations to deliver to the client, then it is important to present another executive summary fo the management.
-...Intro here...<br>
+<br>
 [[How to value the real risk AoC|5.1 How to value the real risk]] <br>
 [[How to write the report of the testing AoC|5.2 How to write the report of the testing]]<br>
 <br> <br>
-[[OWASP Testing Guide v2 Table of Contents]]
-{{Template:Stub}}
 {{Category:OWASP Testing Project AoC}}

Difference between revisions of "Writing Reports: value the real risk"

Revision as of 18:24, 19 November 2006

Navigation menu

Personal tools

Namespaces

Variants

Views

More

Search

Navigation

Reference

Tools