This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "Projects/OWASP Testing Project/Releases/Testing Guide V 4.0/Roadmap"
From OWASP
| Line 3: | Line 3: | ||
**Involve the contributors: we need to involve also the final users of the Testing Guide (for example Banking Companies to understand how they would like to improve that). | **Involve the contributors: we need to involve also the final users of the Testing Guide (for example Banking Companies to understand how they would like to improve that). | ||
** Update the OWASP vulnerability database. I mean we can update this:<br> | ** Update the OWASP vulnerability database. I mean we can update this:<br> | ||
| − | http://www.owasp.org/index.php/Testing_Checklist<br> | + | ** http://www.owasp.org/index.php/Testing_Checklist<br> |
| − | Inserting new testing techniques: HTTP Verb tampering, HTTP Parameter Pollutions, URL Redirection, | + | ** Inserting new testing techniques: HTTP Verb tampering, HTTP Parameter Pollutions, URL Redirection, Insecure Direct Object References, Insecure Cryptographic Storage, Failure to Restrict URL Access, Insufficient Transport Layer Protection, Unvalidated Redirects and Forwards. |
** Create a test case for each test to perform using O2 platform | ** Create a test case for each test to perform using O2 platform | ||
** Review and improve all the sections in v3, | ** Review and improve all the sections in v3, | ||
Revision as of 22:52, 16 July 2010
- Project Roadmap
- Introduce the new project to the testing Guide mailing list,
- Involve the contributors: we need to involve also the final users of the Testing Guide (for example Banking Companies to understand how they would like to improve that).
- Update the OWASP vulnerability database. I mean we can update this:
- http://www.owasp.org/index.php/Testing_Checklist
- Inserting new testing techniques: HTTP Verb tampering, HTTP Parameter Pollutions, URL Redirection, Insecure Direct Object References, Insecure Cryptographic Storage, Failure to Restrict URL Access, Insufficient Transport Layer Protection, Unvalidated Redirects and Forwards.
- Create a test case for each test to perform using O2 platform
- Review and improve all the sections in v3,
- Create a more readable guide, eliminating some sections that are not really useful, Rationalize some sections as Session Management Testing,
- Create a new section: Client side security and Firefox extensions testing.
Project Plan:
- 17th July 2010: Start a brainstorming for the new index starting from "Release Description",
- 5th August 2010: Create the new index and the new team,
- 6th August 2010: Starting writing articles,
- 15th September 2010: Starting the first review phase,
- 15th October 2010: Starting writing articles II phase,
- 15th November 2010: Starting the second review phase,
- 15th December 2010: Create the RC1,
- 15th January 2011: Release the version 4.
