This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

ISWG Status 200904

From OWASP
Jump to: navigation, search

The goals of March/April included:

  • Publishing the Open Letter to Browsers
  • Finish and publish the Web Application Framework Security Matrix
  • Begin work on Struts2 security gap analysis

The framework security matrix has not been released due to increased contact with vendors looking to make sure the information in the document is accurate. Because of the utmost desire for accuracy, we will continue to delay as long as useful updates come in from vendors within reason. The Open Letter to Browsers is still being reviewed by committee and the document is becoming outdated and will almost definitely need to be scrapped without re-testing. The draft of the Struts2 security gap analysis has been sent to the OWASP Leaders list and we are awaiting feedback.

The goals of May-June include:

  • Publish the Web Application Framework Security Matrix
  • Publish the Struts2 security gap analysis
  • Continue outreach with Adobe, Spring, Sun, and Struts2 team