This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

OWASP Working Session - Web Application Framework Security

From OWASP
Jump to: navigation, search
Working Sessions Operational Rules - Please see here the general frame of rules.
WORKING SESSION IDENTIFICATION
Work Session Name ISWG Web Application Framework Security
Short Work Session Description Generate
Related Projects (if any) Brainstorming on how to introduce more useful security into our web application frameworks

OWASP ISWG (Intrinsic Security Working Group) - Web Application Framework Security

Email Contacts & Roles Chair
Arshan Dabirsiaghi
Secretary
Kuai Hinojosa
Mailing list
Subscription Page
WORKING SESSION SPECIFICS
Objectives
  • Discuss gaps and patterns in gaps in security coverage across frameworks,
  • Discuss possible solutions for security areas.
Venue/Date&Time/Model Venue
OWASP EU Summit Portugal 2008
Date&Time
November 5, 2008
Time 9:00AM
Discussion Model
"Participants + Attendees"
WORKING SESSION OPERATIONAL RESOURCES
Projector, whiteboards, markers, Internet connectivity, power
WORKING SESSION ADDITIONAL DETAILS
  • Related resources: OWASP_Working_Session_-_Browser_Security_Letters
  • Frameworks to invite: .NET, J2EE, Spring, Struts, ASP.NET MVC, RoR, PHP, etc.
    • 10 Oct: "Open Letter to Frameworks (version for open mailing lists)" sent to
      • Ruby-on-Rails Core mailing list
      • Springnet Developer mailing list
      • Struts Dev mailing list
WORKING SESSION OUTCOMES
Statements, Initiatives or Decisions Proposed by Working Group Approved by OWASP Board
Actionable advice for each individual frameworks . After the Board Meeting - fill in here.
Identify points-of-contact for frameworks. After the Board Meeting - fill in here.

Working Session Participants

(Add you name by editing this table. On your the right, just above the this frame, you have the option to edit)

WORKING SESSION PARTICIPANTS
Name Company Notes & reason for participating, issues to be discussed/addressed
- TDB (Officially Invited by OWASP) dff6f773-6732-4cd8-addf-42a8ab367d22.gif Official Representative from Microsoft's ASP.NET team
- TDB (Officially Invited by OWASP) logo-struts.gif Official Representative from Apache Struts team
- TDB (Officially Invited by OWASP) cakephp.gif Official Representative from CakePHP team
- TDB (Officially Invited by OWASP) 20070625154105_rails.jpg Official Representative from Ruby-on-Rails team
- TDB (Officially Invited by OWASP) xdev-spring_logo.jpg Official Representative from Spring.NET team
1 Mario Heiderich Independent General Expertise
2 Gareth Heyes Independent General Expertise
3 Marcin Wielgoszewski Protiviti Participant
4 Adam Baso Symantec Participant
5 Giorgio Fedon Minded Security Participant
6 Colin Watson Watson Hall Participant
7 Esteban Ribicic HP Participant
8 Daniele Bellucci Communication Valley Partecipant
9
10

If needed add here more lines.