Web Application Security Timeline RFC

In order to know where we’re going, we have to understand where we have come from.

I began wondering a couple of days ago, how did we get here? What was the evolution of web application security? To answer this question I decided to put together a Web Application Security Timeline.

The timeline I present to you today is just a start; I hope to make it more comprehensive with feedback from the community. So I ask for your comments!

  • What were the most significant events in the short history of web application security?
  • What is missing from the timeline?
  • How would you improve it?

Web Application Security Timeline DRAFT

Posted on 9 January, 2011 by ethicalhack3r

7 Responses to “Web Application Security Timeline RFC”


  1. Tweets that mention Web Application Security Timeline RFC | ethicalhack3r -- Topsy.com


    [...] This post was mentioned on Twitter by netsecured. netsecured said: RT @plexpod2011Web Application Security Timeline RFC http://bit.ly/h6g7rI: [...]


    Comment posted on January 9, 2011 at 15:46:54 BST

  2. webappsec


    Would be worthwhile listing the formation of SPI Dynamics (true pioneers in web app security testing) under 1994 and public release of WebInspect 3.0 was in 2003. HP acquired SPI Dynamics in 2007, around the same time IBM acquired Watchfire.


    Comment posted on January 10, 2011 at 01:50:16 BST

  3. antonio


    You can also add:
    - information regarding secure software development methodologies, which included web considerations
    - web application security assessment tools major upgrade dates
    - launch dates for major blogs related to web security
    - major hacks that might be considered as strong drivers for webapp security
    - etc.


    Comment posted on January 10, 2011 at 09:32:38 BST

  4. ethicalhack3r


    Thanks for the great suggestions!


    Comment posted on January 10, 2011 at 15:42:45 BST

  5. admin


    WAST v1.0 released:
    http://www.ethicalhack3r.co.uk/security/web-application-security-timeline-wast-v1-0/


    Comment posted on January 10, 2011 at 16:16:53 BST

  6. hah


    OWASP


    Comment posted on February 3, 2011 at 23:48:05 BST

  7. Web Application Security Timeline (WAST) v1.0 | National Cyber Security


    [...] of creating the Web Application Security Timeline (WAST) and posted an RFC yesterday in this post: http://www.ethicalhack3r.co.uk/security/web-application-security-timeline-rfc/. After much feedback from the WebAppSec community from various mailing lists, Twitter, email and [...]


    Comment posted on August 17, 2011 at 16:22:51 BST
