This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "Projects/OWASP Secure Web Application Framework Manifesto"

From OWASP
Jump to: navigation, search
 
(7 intermediate revisions by the same user not shown)
Line 1: Line 1:
{{Template:Project About
+
{{Template:<includeonly>{{{1}}}</includeonly><noinclude>Project About</noinclude>
  
 
| project_name = OWASP Secure Web Application Framework Manifesto
 
| project_name = OWASP Secure Web Application Framework Manifesto
Line 13: Line 13:
  
 
| leader_name1 = Rohit Sethi  
 
| leader_name1 = Rohit Sethi  
| leader_email1 = rohit@securitycompass.com
+
| leader_email1 = rohit.sethi@owasp.org
 
| leader_username1 = rksethi  
 
| leader_username1 = rksethi  
  
 
| leader_name2 = Yuk Fai Chan  
 
| leader_name2 = Yuk Fai Chan  
| leader_email2 = yukfai@securitycompass.com
+
| leader_email2 = yuk.fai.chan@owasp.org
| leader_username2 =
+
| leader_username2 = Yuk Fai Chan
  
 
| contributor_name1 = Tom Aratyn  
 
| contributor_name1 = Tom Aratyn  
| contributor_email1 = tom@securitycompass.com
+
| contributor_email1 = tom.aratyn@owasp.org
 
| contributor_username1 =  
 
| contributor_username1 =  
  
 
| contributor_name2 = Sahba Kazerooni  
 
| contributor_name2 = Sahba Kazerooni  
| contributor_email2 = sahba@securitycompass.com
+
| contributor_email2 = sahba.kazerooni@owasp.org 
| contributor_username2 =
+
| contributor_username2 = Skazerooni
  
 
| contributor_name3 = Patrick Szeto  
 
| contributor_name3 = Patrick Szeto  
| contributor_email3 = patrick@securitycompass.com
+
| contributor_email3 = patrick.szeto@owasp.org 
 
| contributor_username3 =
 
| contributor_username3 =
  
Line 36: Line 36:
 
| presentation_link =   
 
| presentation_link =   
  
| mailing_list_name =  
+
| mailing_list_name = https://lists.owasp.org/mailman/listinfo/owasp-swaf-manifesto
  
| project_road_map =  
+
| project_road_map = http://www.owasp.org/index.php/OWASP_Secure_Web_Application_Framework_Manifesto/Roadmap
  
 
| links_url1 = http://labs.securitycompass.com/  
 
| links_url1 = http://labs.securitycompass.com/  
  
| links_name1 = SECCOM LABS Resources for Secure Software Engineering from Security Compass
+
| links_name1 = SECCOM LABS  
 +
 
 +
| links_url2 = http://www.owasp.org/index.php/Projects/OWASP_Secure_Web_Application_Framework_Manifesto/Releases/Current/Manifesto
 +
| links_name2 = OWASP Secure Web Application Framework Manifesto (Wiki Format)
  
 
| release_1 = SWAF Manifesto v0.08
 
| release_1 = SWAF Manifesto v0.08
Line 51: Line 54:
  
 
| release_4 =
 
| release_4 =
 +
 +
<!--- The line below is for GPC usage only. Please do not edit it --->
 +
| project_about_page = Projects/OWASP Secure Web Application Framework Manifesto
 +
 
}}
 
}}

Latest revision as of 17:27, 18 April 2011

PROJECT INFO
What does this OWASP project offer you?
RELEASE(S) INFO
What releases are available for this project?
what is this project?
Name: OWASP Secure Web Application Framework Manifesto (home page)
Purpose: The Secure Web Application Framework Manifesto is a document detailing a specific set of security requirements for developers of web application frameworks to adhere to. The goal is to help develop more secure applications from the start. The manifesto centers around the following beliefs:
  • Frameworks that are ‘secure by default’ will yield a dramatic reduction in the number of common web application security vulnerabilities.
  • Application security experts should provide, on a regularly basis, updated guidance to framework developers on how to incorporate mechanisms to avoid newly discovered vulnerabilities.
License: Creative Commons Attribution ShareAlike 3.0 license
who is working on this project?
Project Leader(s):
Project Contributor(s):
how can you learn more?
Project Pamphlet: Not Yet Created
Project Presentation:
Mailing list: Mailing List Archives
Project Roadmap: View
Main links:
Key Contacts
current release
SWAF Manifesto v0.08 - 01/10/2010 - (download)
Release description: Developers are increasingly relying on scaffolding-based systems like Rails and Django to build applications. The number of web application frameworks, scaffolding or otherwise, is constantly growing and it's becoming increasingly clear that securing these frameworks will be a major boon for the future of secure web applications.

Recognizing that many developers are gravitating to leveraging web application frameworks, we decided it was time to provide a list of positive features that these frameworks should include. This "Secure Web Application Framework Manifesto" must, of course, be a living document. At any given point, it should provide a minimum baseline of what a web application framework should include to appeal to security-conscious developers. We contend that if such a web application framework is broadly adopted, it will have far reaching effects into web application security.

Rating: Yellow button.JPG Not Reviewed - Assessment Details
last reviewed release
Not Yet Reviewed


other releases