This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "Category:OWASP AJAX Security Project"
Rsulatycki (talk | contribs) (→Current Project Status) |
Rsulatycki (talk | contribs) (→Project Roadmap) |
||
Line 5: | Line 5: | ||
==Project Roadmap== | ==Project Roadmap== | ||
− | 1. Gather existing presentations | + | 1. Gather existing presentations and pull ideas into OWASP <br> |
2. Review AJAX frameworks and identify security issues handled by these frameworks<br> | 2. Review AJAX frameworks and identify security issues handled by these frameworks<br> | ||
3. Review AJAX related literature (books, articles, ...)<br> | 3. Review AJAX related literature (books, articles, ...)<br> |
Revision as of 20:20, 23 February 2008
OWASP Ajax Security Project Table of ContentsIntroduction
The goal of the OWASP AJAX Security project is to dentify and document security issues encountered by AJAX applications and document ways to secure these applications. The OWASP AJAX Security project is being lead by Rohini Sulatycki.
Project Roadmap
1. Gather existing presentations and pull ideas into OWASP
2. Review AJAX frameworks and identify security issues handled by these frameworks
3. Review AJAX related literature (books, articles, ...)
4. Document ways to secure AJAX applications
Volunteers Needed
We are actively seeking contributors to add new sections . If you are interested in volunteering for the project, or have a comment, question, or suggestion, please drop me a line mailto:[email protected]
Also if you have an idea for new sub-projects then email us.
Update: We have a new volunteer Vishal Garg. Many thanks to Vishal!
Current Project Status
We are currently working on reviewing Ajax frameworks/tools. The intent of the review is to provide an overview of the framework, the security risks and how the frameworks can be secured.
The framework we are currently reviewing is the Google Web Toolkit[[1]]. If you have experience using GWT and/or are interested in participating in this review please contact us either though the mailing list or emailing Rohini
Updates
Jeff Williams 2/18/2008 article "Reduce your exposure to AJAX threats" can be viewed here[2]
The SPI Dynamics presentation from BlackHat 2007 can be viewed here [3]
Mailing List
Click here to subscribe to the OWASP Ajax Security Project mailing list.
Pages in category "OWASP AJAX Security Project"
The following 3 pages are in this category, out of 3 total.
Media in category "OWASP AJAX Security Project"
This category contains only the following file.