# Standards - Web Application Vulnerability Triage
## Primary Standards
### OWASP Risk Rating Methodology
- **URL**: https://owasp.org/www-community/OWASP_Risk_Rating_Methodology
- **Purpose**: Structured approach to evaluating likelihood and impact of web vulnerabilities
### OWASP Top 10 (2021)
- **URL**: https://owasp.org/www-project-top-ten/
- **Categories**: A01 through A10 covering the most critical web application security risks
### OWASP Web Security Testing Guide v4.2
- **URL**: https://owasp.org/www-project-web-security-testing-guide/
- **Relevance**: Manual validation techniques for scanner findings
### CWE/SANS Top 25 Most Dangerous Software Weaknesses
- **URL**: https://cwe.mitre.org/top25/
- **Relevance**: Maps findings to Common Weakness Enumeration (CWE) identifiers for consistent categorization
### CVSS v3.1 / v4.0
- **URL**: https://www.first.org/cvss/
- **Relevance**: Industry-standard vulnerability scoring that complements the OWASP risk rating
## Scanner References
| Tool | Type | Documentation |
|------|------|---------------|
| OWASP ZAP | DAST | https://www.zaproxy.org/docs/ |
| Burp Suite | DAST | https://portswigger.net/burp/documentation |
| Semgrep | SAST | https://semgrep.dev/docs/ |
| SonarQube | SAST | https://docs.sonarqube.org/ |
| Snyk Code | SAST | https://docs.snyk.io/scan-with-snyk/snyk-code |