This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit

Category:OWASP Application Security Requirements Project

Jump to: navigation, search

OWASP Inactive Banner.jpg


Clearly articulating project-agnostic application security requirements —both general and specific requirements — is the best way to ensure that software is developed under strong and workable security guidance

  • Project purpose: To assemble a useful base of generic security requirements that could be used in most applications.
  • Intended audience: Every person involved in application security, but especially for those responsible of sytem analysis and design.
  • Project products: Deliverables would be business-focused, developed for Business Analysts and Project Managers rather than software developers.
What does this OWASP project offer you?
What releases are available for this project?
what is this project?
Name: OWASP Application Security Requirements Project (home page)
Purpose: To assemble a useful base of generic security requirements that could be used in most applications.
License: Creative Commons Attribution ShareAlike 3.0 license
who is working on this project?
Project Leader(s):
how can you learn more?
Project Pamphlet: Not Yet Created
Project Presentation:
Mailing list: Mailing List Archives
Project Roadmap: View
Main links:
Key Contacts
current release
Not Yet Published
last reviewed release
Not Yet Reviewed

other releases

We are just re-starting the project after a couple of years without any progress. We need all the help we can get to make this a successful project

Short-term actions

  1. . Identify (map from other owasp projects) categorization and prioritize
  2. . Identify software development standards to document requirements
  3. . Define work plan
  4. . Define document's introduction (scope of the document, composition of the document)
  5. . Write first draft related to web applications
  6. . Review and adjust plan

Long-term actions

  • Write requirements for mobile applications
  • Write requirements for web services
  • Write requirements for mobile applications

Media in category "OWASP Application Security Requirements Project"

This category contains only the following file.