ORGANIZATIONS AND RESEARCH CENTERS

 

http://www.owasp.org

OWASP was started in September 2000 with its mission to create an open source community where people could advance their knowledge about web application and web services security issues by either contributing their knowledge to the education of others or by learning about the topic from documentation and software produced by the project.

CERT (Computer Emergency Response Team)

 

"Research conducted by the CERT Analysis Center uses data from many sources to understand, assess, and predict Internet threats, both current and potential threats." Put out advisories

"Make http://www.cert.org one of your daily surfing stops." Advice from bignosebird.com

SANS Institute/Internet Storm Center

A lot of resources on their web sites including alerts, analysis of attacks such as the recent virus attack
   
George Mason University

Jeff Offutt's group--Doing research on a form of testing called bypass testing, a novel alternative to input validation which would help prevent cross-site scripting.

Princeton Security Center

 

"We study problems in computer security, especially mobile code systems such as Java, ActiveX, and JavaScript. We try to understand how security breaks down, and to develop technology to address the underlying causes of security problems."