townforge/beast
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
cc
beast/doc/qbk/01_intro/1a_bishop_fox.qbk
Vinnie Falco d9400ce618 Refactor docs
2019-02-24 18:46:27 -08:00

44 lines
2.0 KiB
Plaintext
Raw Permalink Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

[/
Copyright (c) 2016-2019 Vinnie Falco (vinnie dot falco at gmail dot com)
Distributed under the Boost Software License, Version 1.0. (See accompanying
file LICENSE_1_0.txt or copy at http://www.boost.org/LICENSE_1_0.txt)
Official repository: https://github.com/boostorg/beast
]
[section:security_review_bishop_fox Security Review (Bishop Fox) __video__]
Since 2005, [@https://www.bishopfox.com/ Bishop Fox] has provided
security consulting services to the Fortune 1000, high-tech startups,
and financial institutions worldwide.
Beast engaged Bishop Fox to assess the security of the Boost C++ Beast HTTP/S
networking library. The following report details the findings identified during
the course of the engagement, which started on September 11, 2017.
The assessment team conducted a hybrid application assessment of the Beast
library. Bishop Foxs hybrid application assessment methodology leverages
the real-world attack techniques of application penetration testing in
combination with targeted source code review to thoroughly identify
application security vulnerabilities. These fullknowledge assessments
begin with automated scans of the deployed application and source code.
Next, analyses of the scan results are combined with manual review to
thoroughly identify potential application security vulnerabilities. In
addition, the team performs a review of the application architecture and
business logic to locate any design-level issues. Finally, the team performs
manual exploitation and review of these issues to validate the findings.
[@https://vinniefalco.github.io/BeastAssets/Beast%20-%20Hybrid%20Application%20Assessment%202017%20-%20Assessment%20Report%20-%2020171114.pdf [*Beast - Hybrid Application Assessment 2017]]
[/ "Securing Boost.Beast: A Non-Traditional Source Code Review"]
'''
<mediaobject>
<videoobject>
<videodata fileref="https://www.youtube.com/embed/4TtyYbGDAj0?rel=0"
align="center" contentwidth="560" contentdepth="315"/>
</videoobject>
</mediaobject>
'''
[endsect]
Reference in New Issue View Git Blame Copy Permalink