Serge’s post on “Why Use TeamMentor”

Serge Security

Recently a question came up about the benefits of TeamMentor. Specifically, what is the typical scenario of people using TeamMentor.

The idea is that people might know about security controls but not how to implement them, then they go to TM and find out how to implement the controls. For example, Company finds out they have a bunch of SQLi and XSS in their web sites, but they don’t know what controls actually prevent those vulns. So, they do what happens very often, which is they go and add some specific filters or something to that specific vulnerable piece of code and don’t change the architecture at all. Overall, their security posture doesn’t really improve and the developers don’t learn from their mistakes. The same types of vulnerabilities continue to haunt them. Enter TM.

Someone finds out they have XSS. They go to TM and quickly find XSS in the…

View original post 230 more words


About Dinis Cruz

Dinis Cruz is the main developer of the OWASP O2 Platform and TeamMentor
This entry was posted in Uncategorized. Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s