Talking about this with out bluffing, you can search & find many more site's blogs that are related to this topic.
My ambition is to focus is to start from the fundamental theories and guidance which is required for going down this road to the in depth.
Most people are thinking Information system security is all about hacking or in other word "penetration testing". But it is not. It is one of the core aria which is under this Information system security.
Information Systems Security-|
|->Web application security-|
|->penetration testing
This is a simple explanation just for now, there's much more to add to this when talking about the all arias which is related to this.
One more thing to add to in the first place, talking about web application Security testing, it is coming under as a QA practice, this is one of the most wonderful aria in the SQA (Software Quality Assurance). Most people are thinking QA is the most boring thing in the IT industry. However we have to disagree with that one since QA has many more fascinating tec arias like Test Automation, Performance testing & including this one.
So basically in these posts as I mentioned earlier planing to cover the basic theories which is related to the web security.
There's long journey we have to enjoy this is just the beginning. see you in the next post.
