Category:OWASP Project Proof - Revision history

Jeff Williams at 03:09, 18 October 2006

2006-10-18T03:09:01Z

Aholmes at 15:37, 17 October 2006

2006-10-17T15:37:34Z

Aholmes at 15:23, 17 October 2006

2006-10-17T15:23:57Z

Aholmes at 15:23, 17 October 2006

2006-10-17T15:23:37Z

Aholmes at 15:22, 17 October 2006

2006-10-17T15:22:19Z

Aholmes at 15:07, 17 October 2006

2006-10-17T15:07:34Z

New page

An OWASP project is a collection of related tasks that have a defined roadmap and team members. OWASP project leaders are responsible for defining the vision, roadmap, and tasks for the project. The project leader also promotes the project and builds the team.

==Proposing a new project==

To propose a new project, please send an email to owasp@owasp.org. Each project should have a roadmap page that details the current set of tasks and rough schedule. The page should be named "OWASP XXX Project Roadmap"

==Project descriptions==

* [[:Category:OWASP AJAX Security Project|OWASP AJAX Security Project]] - investigating the security of AJAX enabled applications
* [[:Category:OWASP Application Security Assessment Standards Project|OWASP Application Security Assessment Standards Project]] - establish a set of standards defining baseline approaches to conducting differing types/levels of application security assessment
* [[:Category:OWASP Application Security Metrics Project|OWASP Application Security Metrics Project]] - identify and provide a set of application security metrics that have been found by contributors to be effective in measuring application security
* [[:Category:OWASP AppSec FAQ Project|OWASP AppSec FAQ Project]] - an FAQ covering many application security topics
* [[:Category:OWASP CAL9000 Project|OWASP CAL9000 Project]] - a JavaScript based web application security testing suite
* [[:Category:OWASP CLASP Project|OWASP CLASP Project]] - a project focused on defining process elements that reinforce application security
* [[:Category:OWASP Code Review Project|OWASP Code Review Project]] - a new project to capture best practices for reviewing code
* [[:Category:OWASP Guide Project|OWASP Guide Project]] - a massive document covering all aspects of web application and web service security
* [[:Category:OWASP Honeycomb Project|OWASP Honeycomb Project]] - a comprehensive and integrated guide to the fundamental building blocks of application security
* [[:Category:OWASP Java Project|OWASP Java Project]] - a project focused on helping Java and J2EE developers build secure applications
* [[:Category:OWASP_LAPSE_Project|OWASP LAPSE Project]] - an Eclipse-based source static analysis tool for Java
* [[:Category:OWASP Legal Project|OWASP Legal Project]] - a project focused on contracting for secure software
* [[:Category:OWASP Live CD Project|OWASP Live CD Project]] - a CD containing ready to use versions of application security analysis and testing tools
* [[:Category:OWASP Logging Project|OWASP Logging Project]] - a project to define best practices for logging and log management
* [[:Category:OWASP .NET Project|OWASP .NET Project]] - a project focused on helping .NET developers build secure applications
* [[:Category:OWASP Orizon Project|OWASP Orizon Project]] - a project focused on the development of a flexible code review engine
* [[:Category:OWASP Pantera Web Assessment Studio Project|OWASP Pantera Web Assessment Studio Project]] - a project focused on combining automated capabilities with complete manual testing to get the best results
* [[:Category:OWASP PHP Project|OWASP PHP Project]] - a project focused on helping PHP developers build secure applications
* [[:Category:OWASP Risk Management Project|OWASP Risk Management Project]] - a new project focused on processes for managing application security risk
* [[:Category:OWASP Sprajax Project|OWASP Sprajax Project]] - an open source black box security scanner used to assess the security of AJAX-enabled applications
* [[:Category:OWASP SQLiX Project|OWASP SQLiX Project]] - a project focused on the development of SQLiX, a full perl-based SQL scanner
* [[:Category:OWASP Testing Project|OWASP Testing Project]] - a project focused on application security testing procedures and checklists
* [[:Category:OWASP Top Ten Project|OWASP Top Ten Project]] - an awareness document that describes the top ten web application security vulnerabilities
* [[:Category:OWASP Validation Project|OWASP Validation Project]] - a project that provides guidance and tools related to validation.
* [[:Category:OWASP WASS Project|OWASP WASS Project]] - a standards project to develop more concrete criteria for secure applications
* [[:Category:OWASP WebGoat Project|OWASP WebGoat Project]] - an online training environment for hands-on learning about application security
* [[:Category:OWASP WebScarab Project|OWASP WebScarab Project]] - a tool for performing all types of security testing on web applications and web services

[[OWASP Project Mailing Lists]]

@@ Line 41: / Line 41: @@
 * [[:Category:OWASP .NET Project|OWASP .NET Research]] - a project focused on helping .NET developers build secure applications
 * [[:Category:OWASP Testing Project|OWASP Testing Guide]] - a project focused on application security testing procedures and checklists
-* [[:Category:OWASP Validation Research|OWASP Validation Project]] - a project that provides guidance and tools related to validation
+* [[:Category:OWASP Validation Project|OWASP Validation Research]] - a project that provides guidance and tools related to validation
 * [[:Category:OWASP WASS Project|OWASP WASS Guide]] - a standards project to develop more concrete criteria for secure applications
 [[OWASP Project Mailing Lists]]

@@ Line 36: / Line 36: @@
 * [[:Category:OWASP Honeycomb Project|OWASP Honeycomb Guide]] - a comprehensive and integrated guide to the fundamental building blocks of application security
 * [[:Category:OWASP Java Project|OWASP Java Research]] - a project focused on helping Java and J2EE developers build secure applications
-* [[:Category:OWASP PHP Research|OWASP PHP Project]] - a project focused on helping PHP developers build secure applications
+* [[:Category:OWASP PHP Project|OWASP PHP Research]] - a project focused on helping PHP developers build secure applications
 * [[:Category:OWASP Legal Project|OWASP Legal Research]] - a project focused on contracting for secure software
 * [[:Category:OWASP Logging Project|OWASP Logging Guide]] - a project to define best practices for logging and log management
 * [[:Category:OWASP .NET Project|OWASP .NET Research]] - a project focused on helping .NET developers build secure applications
-* [[:Category:OWASP Testing Guide|OWASP Testing Project]] - a project focused on application security testing procedures and checklists
+* [[:Category:OWASP Testing Project|OWASP Testing Guide]] - a project focused on application security testing procedures and checklists
 * [[:Category:OWASP Validation Research|OWASP Validation Project]] - a project that provides guidance and tools related to validation
 * [[:Category:OWASP WASS Project|OWASP WASS Guide]] - a standards project to develop more concrete criteria for secure applications

@@ Line 5: / Line 5: @@
 To propose a new project, please send an email to owasp@owasp.org. Each project should have a roadmap page that details the current set of tasks and rough schedule. The page should be named "OWASP XXX Project Roadmap"
-==OWASP Active Projects==
-; Release Quality Projects
+==Release Quality Projects==
 * [[:Category:OWASP Top Ten Project|OWASP Top Ten Project]] - an awareness document that describes the top ten web application security vulnerabilities
 * [[:Category:OWASP WebGoat Project|OWASP WebGoat Project]] - an online training environment for hands-on learning about application security
@@ Line 12: / Line 16: @@
-; Beta Status Projects
+==OWASP Tool Labs (beta)==
 * [[:Category:OWASP CAL9000 Project|OWASP CAL9000 Project]] - a JavaScript based web application security testing suite
 * [[:Category:OWASP CLASP Project|OWASP CLASP Project]] - a project focused on defining process elements that reinforce application security
@@ Line 19: / Line 23: @@
 * [[:Category:OWASP SQLiX Project|OWASP SQLiX Project]] - a project focused on the development of SQLiX, a full perl-based SQL scanner
 * [[:Category:OWASP Pantera Web Assessment Studio Project|OWASP Pantera Web Assessment Studio Project]] - a project focused on combining automated capabilities with complete manual testing to get the best results
 * [[:Category:OWASP Live CD Project|OWASP Live CD Project]] - a CD containing ready to use versions of application security analysis and testing tools
 * [[:Category:OWASP Orizon Project|OWASP Orizon Project]] - a project focused on the development of a flexible code review engine
-; Technology, Research and Guides
 * [[:Category:OWASP AJAX Security Project|OWASP AJAX Security Guide]] - investigating the security of AJAX enabled applications
 * [[:Category:OWASP Application Security Assessment Standards Project|OWASP Application Security Assessment Standards Project]] - establish a set of standards defining baseline approaches to conducting differing types/levels of application security assessment
 * [[:Category:OWASP Application Security Metrics Project|OWASP Application Security Metrics Project]] - identify and provide a set of application security metrics that have been found by contributors to be effective in measuring application security
 * [[:Category:OWASP Code Review Project|OWASP Code Review Project]] - a new project to capture best practices for reviewing code
-* [[:Category:OWASP Guide Project|OWASP Guide Project]] - a massive document covering all aspects of web application and web service security
+* [[:Category:OWASP Honeycomb Project|OWASP Honeycomb Project]] - a comprehensive and integrated guide to the fundamental building blocks of application security
-* [[:Category:OWASP Honeycomb Project|OWASP Honeycomb Guide]] - a comprehensive and integrated guide to the fundamental building blocks of application security
+* [[:Category:OWASP Java Project|OWASP Java Project]] - a project focused on helping Java and J2EE developers build secure applications
-* [[:Category:OWASP Java Project|OWASP Java Research]] - a project focused on helping Java and J2EE developers build secure applications
+* [[:Category:OWASP PHP Project|OWASP PHP Project]] - a project focused on helping PHP developers build secure applications
-* [[:Category:OWASP PHP Project|OWASP PHP Research]] - a project focused on helping PHP developers build secure applications
+* [[:Category:OWASP Testing Project|OWASP Testing Guide]] - a project focused on application security testing procedures and checklists
-* [[:Category:OWASP Legal Project|OWASP Legal Research]] - a project focused on contracting for secure software
+* [[:Category:OWASP Validation Project|OWASP Validation Project]] - a project that provides guidance and tools related to validation
 * [[:Category:OWASP Logging Project|OWASP Logging Guide]] - a project to define best practices for logging and log management
-* [[:Category:OWASP .NET Project|OWASP .NET Research]] - a project focused on helping .NET developers build secure applications
+* [[:Category:OWASP Risk Management Project|OWASP Risk Management Project]] - a new project focused on processes for managing application security risk
-* [[:Category:OWASP Testing Project|OWASP Testing Guide]] - a project focused on application security testing procedures and checklists
+* [[:Category:OWASP WASS Project|OWASP WASS Project]] - a standards project to develop more concrete criteria for secure applications
 [[OWASP Project Mailing Lists]]

@@ Line 10: / Line 10: @@
 * [[:Category:OWASP WebGoat Project|OWASP WebGoat Project]] - an online training environment for hands-on learning about application security
 * [[:Category:OWASP WebScarab Project|OWASP WebScarab Project]] - a tool for performing all types of security testing on web applications and web services
@@ Line 19: / Line 18: @@
 * [[:Category:OWASP Sprajax Project|OWASP Sprajax Project]] - an open source black box security scanner used to assess the security of AJAX-enabled applications
 * [[:Category:OWASP SQLiX Project|OWASP SQLiX Project]] - a project focused on the development of SQLiX, a full perl-based SQL scanner