This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "OWASP Security Pins Project"
From OWASP
Timo Pagel (talk | contribs) (Tag: Visual edit) |
Hblankenship (talk | contribs) (→Classifications) |
||
| (9 intermediate revisions by one other user not shown) | |||
| Line 1: | Line 1: | ||
| − | |||
| − | |||
<div style="width:100%;height:160px;border:0,margin:0;overflow: hidden;">[[File:OWASP_Project_Header.jpg|link=]]</div> | <div style="width:100%;height:160px;border:0,margin:0;overflow: hidden;">[[File:OWASP_Project_Header.jpg|link=]]</div> | ||
| Line 6: | Line 4: | ||
{| style="padding: 0;margin:0;margin-top:10px;text-align:left;" |- | {| style="padding: 0;margin:0;margin-top:10px;text-align:left;" |- | ||
| valign="top" style="border-right: 1px dotted gray;padding-right:25px;" | | | valign="top" style="border-right: 1px dotted gray;padding-right:25px;" | | ||
| − | == | + | ==The OWASP Security Principles== |
| − | Oftentimes motivating security champions is a challenge. Most of the time, they're not willing to dedicate the time and effort to the invisible part of security. The product owners themselves focus on pushing the developement of features therefore the nessecity of security is often neglected or almost completely overlooked. | + | Oftentimes motivating security champions is a challenge. Most of the time, they're not willing to dedicate the time and effort to the invisible part of security. The product owners themselves focus on pushing the developement of features therefore the nessecity of security is often neglected or almost completely overlooked.[[File:Broken authentification.png|thumb]]That is why there is a need to visualize the investment in security, made by a champion or an entire team. One solution would be to give out corresponding buttons for every security event the champions attend. Those events could be something along the lines of a threat modeling session with OWASP Cornucopia or any other relevant topics. |
| − | |||
| − | That is why there is a need to visualize the investment in security, made by a champion or an entire team. One solution would be to give out corresponding buttons for every security event the champions attend. Those events could be something along the lines of a threat modeling session with OWASP Cornucopia or any other relevant topics. | ||
The buttons can be seen as a reward given to the representatives of each team, showcased in the team rooms. Preferably on a white hat or a sash. This concept could also be implemented with stickers. As an alternative to reward the attendency of a meeting, the actual implementation (e.g. using of a hardened image) might be rewarded. | The buttons can be seen as a reward given to the representatives of each team, showcased in the team rooms. Preferably on a white hat or a sash. This concept could also be implemented with stickers. As an alternative to reward the attendency of a meeting, the actual implementation (e.g. using of a hardened image) might be rewarded. | ||
| Line 21: | Line 17: | ||
==Licensing== | ==Licensing== | ||
| − | |||
| − | |||
| − | |||
| + | This project is licensed under the Creative Commons Attribution 4.0 International License. To view a copy of this license, visit <nowiki>http://creativecommons.org/licenses/by/4.0/</nowiki> or send a letter to Creative Commons, PO Box 1866, Mountain View, CA 94042, USA. | ||
| + | |||
| + | <!-- DO NOT ALTER OR REMOVE THE TEXT ON NEXT LINE --><!-- DO NOT ALTER OR REMOVE THE TEXT ON NEXT LINE --> | ||
| + | | valign="top" style="padding-left:25px;width:200px;" | | ||
| − | + | == Quick Download == | |
| − | + | https://github.com/wurstbrot/security-buttons | |
== Project Leader == | == Project Leader == | ||
| + | Timo Pagel | ||
| − | + | == Classifications == | |
| − | |||
| − | |||
| − | |||
| − | + | <!-- Instructions are in RED and should be removed from your document by deleting the text with the span tags.--> | |
| − | |||
| − | |||
| − | {| width="200" cellpadding="2" | + | {| width="200" cellpadding="2" |
|- | |- | ||
| rowspan="2" align="center" valign="top" width="50%" | [[File:New projects.png|100px|link=https://www.owasp.org/index.php/OWASP_Project_Stages#tab=Incubator_Projects]] | | rowspan="2" align="center" valign="top" width="50%" | [[File:New projects.png|100px|link=https://www.owasp.org/index.php/OWASP_Project_Stages#tab=Incubator_Projects]] | ||
| − | | align="center" valign="top" width="50%" | | + | | align="center" valign="top" width="50%" | [[File:Owasp-builders-small.png|link=]] |
|- | |- | ||
| align="center" valign="top" width="50%" | [[File:Owasp-defenders-small.png|link=]] | | align="center" valign="top" width="50%" | [[File:Owasp-defenders-small.png|link=]] | ||
| Line 54: | Line 47: | ||
|} | |} | ||
| + | |||
| + | =FAQs= | ||
| + | |||
| + | |||
==How can I participate in your project?== | ==How can I participate in your project?== | ||
Create buttons. | Create buttons. | ||
==If I am not a programmer can I participate in your project?== | ==If I am not a programmer can I participate in your project?== | ||
| − | Create buttons. | + | Create buttons. |
= Acknowledgements = | = Acknowledgements = | ||
| Line 68: | Line 65: | ||
The first contributors to the project were: | The first contributors to the project were: | ||
| − | * Katharina | + | * Katharina Treptow__NOTOC__ |
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
[[Category:OWASP Project]] | [[Category:OWASP Project]] | ||
[[Category:OWASP_Builders]] | [[Category:OWASP_Builders]] | ||
[[Category:OWASP_Defenders]] | [[Category:OWASP_Defenders]] | ||
[[Category:OWASP_Document]] | [[Category:OWASP_Document]] | ||
Latest revision as of 17:26, 28 December 2018
The OWASP Security PrinciplesOftentimes motivating security champions is a challenge. Most of the time, they're not willing to dedicate the time and effort to the invisible part of security. The product owners themselves focus on pushing the developement of features therefore the nessecity of security is often neglected or almost completely overlooked.That is why there is a need to visualize the investment in security, made by a champion or an entire team. One solution would be to give out corresponding buttons for every security event the champions attend. Those events could be something along the lines of a threat modeling session with OWASP Cornucopia or any other relevant topics.The buttons can be seen as a reward given to the representatives of each team, showcased in the team rooms. Preferably on a white hat or a sash. This concept could also be implemented with stickers. As an alternative to reward the attendency of a meeting, the actual implementation (e.g. using of a hardened image) might be rewarded. Benefits:
LicensingThis project is licensed under the Creative Commons Attribution 4.0 International License. To view a copy of this license, visit http://creativecommons.org/licenses/by/4.0/ or send a letter to Creative Commons, PO Box 1866, Mountain View, CA 94042, USA. |
Quick Downloadhttps://github.com/wurstbrot/security-buttons Project LeaderTimo Pagel Classifications
| |||||||
FAQs
How can I participate in your project?
Create buttons.
If I am not a programmer can I participate in your project?
Create buttons.
Acknowledgements
Contributors
The OWASP Security Principles project is developed by a worldwide team of volunteers. A live update of project contributors is found here.
The first contributors to the project were:
- Katharina Treptow
