Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [day] [month] [year] [list]
Date: Mon, 8 Jun 2015 13:32:19 -0400
From: Scott Arciszewski <scott@...agonie.com>
To: oss-security@...ts.openwall.com
Subject: Re: Suggestions Sought for Appsec Reading List

------------------------------

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

On 08.06.2015 05:09, Scott Arciszewski wrote:

Hi oss-sec readers!

Earlier this year, we decided to start a curated list for learning
about application security and host it on Github.

Currently, we have a good spread of general topics and
PHP-specific security pitfalls, but we'd like to gather more
resources to help developers with experience in a particular
language learn how to build more resilient applications.
https://github.com/paragonie/awesome-appsec

The list lives at that URL, please send pull requests. It's as easy
as creating a .json file somewhere appropriately within the data/
directory; I'll take care of the rest.

Scott Arciszewski Chief Development Officer Paragon Initiative
Enterprises <https://paragonie.com>


Is this intended just for programmers or also system administrators?

if so, you might want to add the recommendations ofhttps://bettercrypto.org

their recommendations can be found here as a
pdf:https://bettercrypto.org/static/applied-crypto-hardening.pdf

and on github as latex source (I believe).

if this is not about save configuration of services, please feel
free to ignore this message.

kind regards

Sven
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQGcBAEBCAAGBQJVdcN+AAoJEAq0kGAWDrqlpZcL/2uQfEpiXTMt7BHxRlXrHJXp
lQs0T7z9dsPjeibU5/XXhe9zX8r3EjrjwkJVVlBqH3rr6LZOyiNnzVWIUrzLPqSq
A7PLlKLEKGAW3W4i+/txQWd4atYt2xIVEwv52qpmoB0zFBhQ+hqszq7nnwHlkNO2
fTEuziDNv2iohTYrm6MC4+faJcobLLZzxz32/7kgXvyJfiGxUrnDAbiRcAo1L1Dh
j44GCbOo7YaQtayaQn9wYnclnrq76w0qfDHfxzIQXVyTyDAvrZAeevF34bYxcdWF
IRif1H4llhq8DXoFt49fmtKkyGXUtnJ73NOkcdizakRllX/+I1uU4n9Dk9zsLwpN
4I1wlxWasryCx2qxdSxc3mN8Ru7T35tRYrh0OJU7T1S7Z5XzrWfxAkbPv81FFJvk
nVwjBnTZ+Hq6wjyNLv/p7ZlVRnvrX9QbV7bv2u4C8y8HGjV0ZbbOnC5+uJPSMkF4
SfwpoawTe6JDBxFaQGV7TcVhn4Fi5shwJxlZiPAZcQ==
=oaHM
-----END PGP SIGNATURE-----


My intended audience at the outset was programmers. However, the reality of
the situation is that programmers are often responsible for configuring
systems.

So thank you. I'll check it out tonight and consider its inclusion.

Scott Arciszewski
Chief Development Officer
Paragon Initiative Enterprises <https://paragonie.com>

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ