This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
OWASP Secure Software Contract Annex Italian
OWASP Secure Software Contract Annex (Italian Version)
SECURE SOFTWARE DEVELOPMENT CONTRACT ANNEX
WARNING: THIS DOCUMENT SHOULD BE CONSIDERED GUIDANCE ONLY. OWASP STRONGLY RECOMMENDS THAT YOU CONSULT A QUALIFIED ATTORNEY TO HELP YOU NEGOTIATE A SOFTWARE CONTRACT.
Introduction
This contract Annex is intended to help software developers and their clients negotiate and capture important contractual terms and conditions related to the security of the software to be developed or delivered. The reason for this project is that most contracts are silent on these issues, and the parties frequently have dramatically different views on what has actually been agreed to. We believe that clearly articulating these terms is the best way to ensure that both parties can make informed decisions about how to proceed.
"The security of commercial software will improve when the market demands better security.
At a minimum, every software request for proposal should ask vendors to detail how they
test their products for security vulnerabilities. This step will start convincing vendors
of off-the-shelf software and outsourced developers that enterprises value security."
-- As John Pescatore, research director with Gartner
We urge Clients and Developers to use this document as a framework for discussing expectations and negotiating responsibilities. This Annex is intended to be appended to a software development contract. These terms are negotiable, meaning they can and should be discussed by the Client and Developer.
ABOUT THE PROJECT
This document was created by The Open Web Application Security Project (OWASP) Foundation, a not-for-profit charitable organization dedicated to creating free and open tools and documentation related to secure software. To facilitate easy use in private contracting, this document is offered under the CC Share Alike 3.0 license. You may modify and use as you see fit. You can find additional details about this project at http://www.owasp.com/index.php/OWASP_Legal_Project. We welcome comment from both producers and consumers of software, as well as the legal community.
OWASP gratefully acknowledges the special contribution from Minded Security for their role in the research and preparation of this document.
Licensing
The OWASP Software Contract Annex Italian project is licensed under the http://creativecommons.org/licenses/by-sa/3.0/ Creative Commons Attribution-ShareAlike 3.0 license], so you can copy, distribute and transmit the work, and you can adapt it, and use it commercially, but all provided that you attribute the work and if you alter, transform, or build upon this work, you may distribute the resulting work only under the same or similar license to this one.
| valign="top" style="padding-left:25px;width:250px;border-right: 1px dotted gray;padding-right:25px;" |
What is OWASP Security Principles Project?
This document should serve as a guide to build a contract between the commitment of the Software to develop and the company that will deliver the software.
Presentation
Will be available soon
Project Leader
Avv. Valerio Vertua, Avv. Giuseppe Serafini
Related Projects
Openhub
Quick Download
Coming soon
News and Events
Coming soon
In Print
This project will be purchased as a print on demand book from Lulu.com
Classifications
Defender project.
