This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "OWASP Security Knowledge Framework"
(→Main) (Tag: Visual edit) |
(11 intermediate revisions by 2 users not shown) | |||
Line 1: | Line 1: | ||
=Main= | =Main= | ||
− | |||
<div style="width:100%;height:160px;border:0,margin:0;overflow: hidden;">http://www.securityknowledgeframework.org/img/banner-wiki-owasp.jpg</div> | <div style="width:100%;height:160px;border:0,margin:0;overflow: hidden;">http://www.securityknowledgeframework.org/img/banner-wiki-owasp.jpg</div> | ||
+ | <div style="width:100%;height:90px;border:0,margin:0;overflow: hidden;">[[File: flagship_big.jpg|link=https://www.owasp.org/index.php/OWASP_Project_Stages#tab=Flagship_Projects]]</div> | ||
{| style="padding: 0;margin:0;margin-top:10px;text-align:left;" |- | {| style="padding: 0;margin:0;margin-top:10px;text-align:left;" |- | ||
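Review bot: The added flagship banner div repeats the `border:0,margin:0` typo from the existing banner div above it. The comma should be a semicolon, because as written the browser sees one invalid `border` value and applies neither the border nor the margin declaration. Suggest `border:0;margin:0;overflow: hidden;` on the new div, and fixing the older div in the same edit.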
Line 43: | Line 43: | ||
==Donate== | ==Donate== | ||
− | + | {{#widget:PayPal Donation | |
+ | |||
+ | |target=_blank | ||
+ | |||
+ | |budget=OWASP SKF | ||
+ | |||
+ | }} | ||
| valign="top" style="padding-left:25px;width:125px;border-right: 1px dotted gray;padding-right:25px;" | | | valign="top" style="padding-left:25px;width:125px;border-right: 1px dotted gray;padding-right:25px;" | | ||
− | |||
== Project Download == | == Project Download == | ||
Line 53: | Line 58: | ||
<b>Installation guide:</b> | <b>Installation guide:</b> | ||
− | * http://skf.readme.io/v1.0/docs/installation | + | * http://skf.readme.io/v1.0/docs/installation |
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
== Project Online Demo == | == Project Online Demo == | ||
− | '''username: admin password: test-skf''' | + | '''username: admin password: test-skf''' |
* https://demo.securityknowledgeframework.org<br /> | * https://demo.securityknowledgeframework.org<br /> | ||
− | '''Project website:''' | + | '''Project website:''' |
− | * http://www.secureby.design | + | * http://www.secureby.design |
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
== Related Projects == | == Related Projects == | ||
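Review bot: The installation guide and project website links in this hunk remain plain http (`http://skf.readme.io/v1.0/docs/installation`, `http://www.secureby.design`), while the demo link next to them is already https. Since these lines are being touched, switch them to https where the hosts serve it, so readers following the install instructions are not sent over an unauthenticated connection.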
Line 80: | Line 72: | ||
* [https://www.owasp.org/index.php/Category:OWASP_Application_Security_Verification_Standard_Project OWASP Application Security Verification Standard Project] | * [https://www.owasp.org/index.php/Category:OWASP_Application_Security_Verification_Standard_Project OWASP Application Security Verification Standard Project] | ||
+ | * [https://www.owasp.org/index.php/OWASP_Mobile_Security_Testing_Guide OWASP Mobile Application Verification Standard Project] | ||
== Project Leaders == | == Project Leaders == | ||
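Review bot: The added related-project entry has a label that does not match its target. The text reads "OWASP Mobile Application Verification Standard Project", but the URL points to `OWASP_Mobile_Security_Testing_Guide`. Either link to the MASVS page or change the label to name the Mobile Security Testing Guide, so readers land on the project the text promises.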
Line 91: | Line 84: | ||
| colspan="2" align="center" | [[File:Project_Type_Files_TOOL.jpg|link=https://www.owasp.org/index.php/Category:OWASP_Tool]] | | colspan="2" align="center" | [[File:Project_Type_Files_TOOL.jpg|link=https://www.owasp.org/index.php/Category:OWASP_Tool]] | ||
|- | |- | ||
− | | rowspan="2" align="center" valign="top" width="50%" | [[File: | + | | rowspan="2" align="center" valign="top" width="50%" | [[File:Mature projects.png|https://www.owasp.org/index.php?title=OWASP_Project_Stages]] |
| align="center" valign="top" width="50%" | [[File:Owasp-builders-small.png|link=Builders]] | | align="center" valign="top" width="50%" | [[File:Owasp-builders-small.png|link=Builders]] | ||
|- | |- | ||
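Review bot: The replacement image in the rowspan cell passes its URL as a bare parameter (`[[File:Mature projects.png|https://www.owasp.org/index.php?title=OWASP_Project_Stages]]`), unlike the neighbouring images, which use `link=`. Without `link=`, MediaWiki treats that text as the caption, so the badge will not link to the Project Stages page. Suggest `|link=https://www.owasp.org/index.php?title=OWASP_Project_Stages`.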
Line 110: | Line 103: | ||
https://www.owasp.org/images/5/54/Skf-design-workshop.pptx.pdf | https://www.owasp.org/images/5/54/Skf-design-workshop.pptx.pdf | ||
− | = Roadmap and Getting Involved = | + | = Milestones / Roadmap and Getting Involved = |
+ | |||
+ | ==Next major release features== | ||
+ | * Implement the MASVS Knowledge base items in the OWASP-SKF project | ||
− | + | * Implement MASVS process flow under the new project section | |
+ | * Implement dynamic checklist creation for custom checklists to process flow under the new project section | ||
+ | * Add CWE to Knowledge base items | ||
+ | * Add how to pentest section per Knowledge base item (OWASP-Testing Guide) | ||
+ | * Add internationalist feature to SKF for supporting multiple human languages | ||
+ | * Market and brand the new AI chat-bot implementation | ||
+ | * Add dynamic questionnaire creation that links questions to security requirements | ||
− | Check out the: | + | Check out the detailed roadmap here: |
− | + | '''[https://waffle.io/blabla1337/skf-flask Online Scrum Board] ''' | |
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
==Getting Involved== | ==Getting Involved== | ||
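Review bot: In the new "Next major release features" list, "Add internationalist feature to SKF" presumably means internationalisation (i18n); please correct the wording. "Market and brand the new AI chat-bot implementation" is a promotion task rather than a release feature and would sit better outside this list. The list also writes "Knowledge base" and "OWASP-SKF" / "SKF" inconsistently; pick one form of each.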
Line 142: | Line 137: | ||
SKF uses the following services to provide quality over the code and releases. | SKF uses the following services to provide quality over the code and releases. | ||
− | == | + | == CI-Pipeline == |
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | https:// | + | === Travis-ci.org: === |
+ | <code>Test and Deploy with Confidence. Easily sync your GitHub projects with Travis CI and you'll be testing your code in minutes! SKF Build details:</code> | ||
+ | <nowiki>https://travis-ci.org/blabla1337/skf-flask</nowiki> | ||
− | == | + | === Coveralls.io Python: === |
− | + | <code>DELIVER BETTER CODE. We help developers deliver code confidently by showing which parts of your code aren't covered by your test suite. SKF Coveralls details:</code> | |
+ | <nowiki>https://coveralls.io/r/blabla1337/skf-flask</nowiki> | ||
− | == | + | === codecov.io for Angular: === |
+ | <code>Code coverage done right. Highly integrated with GitHub, Bitbucket and GitLab. SKF codecov details:</code> | ||
+ | <nowiki>https://codecov.io/gh/blabla1337/skf-flask</nowiki> | ||
− | + | === Scrutinizer-ci.com: === | |
− | + | <code>Why to use Scrutinizer. Improve code quality and find bugs before they hit production with our continuous inspection platform. Improve Code Quality. SKF Scrutinizer details:</code> | |
− | https:// | + | <nowiki>https://scrutinizer-ci.com/g/blabla1337/skf-flask/</nowiki> |
− | + | === Bithound.io NPM packages: === | |
− | + | <code>BitHound provides your Node team with comprehensive and prioritized issues in your code and npm packages. SKF Bithound details:</code> | |
+ | <nowiki>https://www.bithound.io/github/blabla1337/skf-flask</nowiki> | ||
− | = | + | === Requires.io pip packages: === |
+ | <code>Stay Up-to-date! Stay secure! Requires.io monitors your Python projects dependencies, and notify you whenever any of your dependency is out-of-date. SKF Requires details:</code> | ||
+ | <nowiki>https://requires.io/github/blabla1337/skf-flask/requirements/</nowiki> | ||
− | + | === Black Duck Security Risk: === | |
− | + | <code>Announcing Black Duck CoPilot, a new service helping open source project teams catalog and report on their project's dependencies. SKF Requires details:</code> | |
− | + | <nowiki>https://copilot.blackducksoftware.com/github/groups/blabla1337/locations/skf-flask/public/results</nowiki> | |
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | < | + | === uptimerobot.com: === |
− | + | <code>Monitor HTTP(s), Ping, Port and check Keywords. Get alerted via e-mail, SMS, Twitter, web-hooks or push. View uptime, downtime and response times.</code> | |
+ | === ssllabs.com & sslbadge.org: === | ||
+ | <code>ssllabs.org: Bringing you the best SSL/TLS and PKI testing tools and documentation. sslbadge.org: Creates a nice badge for your website SSL/TLS security settings based on the Qualys SSL Labs testing.</code> | ||
__NOTOC__ <headertabs></headertabs> | __NOTOC__ <headertabs></headertabs> |
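Review bot: The Black Duck entry ends with "SKF Requires details:", which looks copied from the Requires.io entry above it and should name Black Duck. The last section heading says ssllabs.com while its description says "ssllabs.org"; use one domain consistently. The uptimerobot and ssllabs entries give no SKF-specific link, unlike the other services, and wrapping the vendors' marketing blurbs in `<code>` renders prose as monospace; plain text or a quote would read better.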