| Line 1: |
Line 1: |
| − | {{:Project Information:template TODO: Top 10 Defenses Project}}
| + | moved to [https://www.owasp.org/index.php/Projects/OWASP_Proactive_Controls/Roadmap https://www.owasp.org/index.php/Projects/OWASP_Proactive_Controls/Roadmap]. |
| − | [[Category:OWASP Project|TODO: Top 10 Defenses Project]] | |
| − | [[Category:OWASP Document]]
| |
| − | [[Category:OWASP Alpha Quality Document]]
| |
| − | | |
| − | =The OWASP TODO: Top 10 Defenses=
| |
| − | | |
| − | Welcome to the OWASP TODO: Top 10 Defenses Project! This project is the comprehensive reference for all OWASP projects and application security in general. All of the materials here are free and open source.
| |
| − | | |
| − | By now you can:
| |
| − | | |
| − | * TOC
| |
| − | * TBA
| |
| − | * Volunteer to help this project!
| |
| − | | |
| − | == Status ==
| |
| − | | |
| − | : We are currently seeking volunteers who will help developing stub/empty articles listed bellow and bring it up to a production level of quality. Join us now to take part in this historic effort, just drop a line to [mailto:vanderaj@owasp.org Andrew van der Stock]!
| |
| − | | |
| − | == What's In It? ==
| |
| − | | |
| − | TBA
| |
| − | | |
| − | '''TODO: Top 10 Defenses Backlog'''
| |
| − | | |
| − | * Volunteers
| |
| − | * Roadmap
| |
| − | | |
| − | # Security Architecture (including incorporating agile ideas)
| |
| − | # Use a (more) secure development frameworks and leverage enterprise frameworks (UAG, etc)
| |
| − | # Input validation
| |
| − | # Output Encoding
| |
| − | # Identity: Authentication and Session Management
| |
| − | # Access Control (service / controller, data, URL, function / CSRF, presentation, etc)
| |
| − | # Data Protection (Data at rest, including in cloud)
| |
| − | # Audit, Logging and Error Handling
| |
| − | # Secure Configuration
| |
| − | # Secure Communications (Data in transit)
| |
| − | | |
| − | | |
| − | == What's It For? ==
| |
| − | | |
| − | TBA
| |
| − | | |
| − | == Why This Approach? ==
| |
| − | | |
| − | TBA
| |
| − | | |
| − | == How Is It Maintained? ==
| |
| − | | |
| − | * Agile creation - regular releases, time boxed, no heavy weight (e.g. 1.0 2.0) releases
| |
| − | | |
| − | TBA
| |
| − | | |
| − | ==Related Projects==
| |
| − | | |
| − | TBA
| |
| − | | |
| − | == Feedback and Participation: ==
| |
| − | | |
| − | We hope you find the OWASP TODO: OWASP Top 10 Defenses Project useful. Please contribute to the Project by volunteering for one of the tasks, sending your comments, questions, and suggestions to vanderaj@owasp.org. To join the OWASP TODO: OWASP Top 10 Defences Project mailing list or view the archives, please visit the [http://lists.owasp.org/mailman/listinfo/TBA subscription page.]
| |
| − | | |
| − | == Articles ==
| |
| − | | |
| − | TBA
| |
| − | | |
| − | == ==
| |
| − | | |
| − | [[Category:TODO-Top10-Defenses|TODO: OWASP Top 10 Defenses Project]]
| |
| − | | |
| − | __NOTOC__
| |
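Review bot: the added line leaves the page as a bare "moved to" sentence with an external-style link, so readers and inbound links land on a stub instead of being forwarded. The target URL looks like a page on this same wiki (index.php/Projects/OWASP_Proactive_Controls/Roadmap), in which case `#REDIRECT [[Projects/OWASP_Proactive_Controls/Roadmap]]` would do the forwarding automatically. The removal also drops every category tag (OWASP Project, OWASP Document, OWASP Alpha Quality Document, TODO-Top10-Defenses), which leaves the remaining stub uncategorized. Finally, the ten-item backlog (Security Architecture through Secure Communications) and the maintenance note about time-boxed releases are deleted here, and nothing in this diff shows them being carried over. Please confirm they exist on the Roadmap page, or say in the edit summary that they were dropped on purpose.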