This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "OWASP Review BSI IT-Grundschutz Baustein Webanwendungen"
| Line 2: | Line 2: | ||
[[Germany | OWASP German Chapter]] | [[Germany | OWASP German Chapter]] | ||
==Project Leader and Contact== | ==Project Leader and Contact== | ||
| − | [mailto:[email protected] Ralf] [[User:Ralf Reinhardt|Reinhardt]] | + | Project Leader: [mailto:[email protected] Ralf] [[User:Ralf Reinhardt|Reinhardt]] |
| + | General Contact to the Core Team [mailto:[email protected] [email protected]] | ||
| + | |||
==Abstract== | ==Abstract== | ||
| Line 9: | Line 11: | ||
Grundschutz Katalog") of the German Federal Office for Information | Grundschutz Katalog") of the German Federal Office for Information | ||
Security ("BSI") from the OWASP's point of view. | Security ("BSI") from the OWASP's point of view. | ||
| + | |||
==Introduction== | ==Introduction== | ||
| Line 29: | Line 32: | ||
OWASP project. This project will help to expand the visibility of OWASP | OWASP project. This project will help to expand the visibility of OWASP | ||
in the German IT security landscape broadly. | in the German IT security landscape broadly. | ||
| + | |||
==Roadmap== | ==Roadmap== | ||
| Line 38: | Line 42: | ||
* Review of OWASP's review itself | * Review of OWASP's review itself | ||
* Releasing the results | * Releasing the results | ||
| + | |||
==Deadline== | ==Deadline== | ||
06/01/2012, in German: '''01.06.2012''' | 06/01/2012, in German: '''01.06.2012''' | ||
| + | |||
==Relevant Links and Information== | ==Relevant Links and Information== | ||
| − | === | + | === Offical BSI Information === |
| + | |||
==Work in Progress== | ==Work in Progress== | ||
| − | Can be found in [Talk:OWASP_Review_BSI_IT-Grundschutz_Baustein_Webanwendungen "Discussion"] | + | Can be found in [[Talk:OWASP_Review_BSI_IT-Grundschutz_Baustein_Webanwendungen| "Discussion"]]. |
| + | |||
==Core Team== | ==Core Team== | ||
| − | Boris Hemkemeier, | + | * Boris Hemkemeier, |
| − | Kai Jendrian, | + | * Kai Jendrian, |
| − | Ralf Reinhardt, | + | * Ralf Reinhardt, |
| + | |||
| + | |||
| + | ==Project Contributors== | ||
| + | * ''Your name here ;-)-- | ||
| + | |||
==Project Licence== | ==Project Licence== | ||
Creative Commons Attribution ShareAlike 3.0 | Creative Commons Attribution ShareAlike 3.0 | ||
| − | |||
| − | |||
| − | |||
Revision as of 22:48, 8 March 2012
Project Leader and Contact
Project Leader: Ralf Reinhardt General Contact to the Core Team [email protected]
Abstract
Technical review of the module web application ("Baustein Webanwendungen") of the IT-baseline protection catalog ("IT Grundschutz Katalog") of the German Federal Office for Information Security ("BSI") from the OWASP's point of view.
Introduction
The German "Federal Office for Information Security" (BSI), which is comparable to departments focused on security in organizations like NIST or CCTA, offers the IT Baseline Protection ("IT-Grundschutz") for public usage, which is based on ISO/IEC 27001. The IT Baseline Protection include a catalog of approx. 80 "Bausteine" (building blocks). Those blocks are dealing with one particular subject of IT security. They are usually written in the German language and later translated to English. They become the de facto standard for IT security and related certifications in Germany after they are finally released.
In January 2012 the draft of the block "Webanwendungen" (web applications) was released with a request for comments. Since this is the core expertise of OWASP we invited a delegate of the BSI to attend the last chapter meeting of the German Chapter which took place in Frankfurt / Main on the 3rd of February. The meeting's outcome was the strong wish to perform a review of that very web application block as an OWASP project. This project will help to expand the visibility of OWASP in the German IT security landscape broadly.
Roadmap
- Building a core team
- Reading the BSI documents
- Collecting comments from the community familiar with the BSI document
- Creating a common understanding
- Writing a review with OWASP glasses
- Review of OWASP's review itself
- Releasing the results
Deadline
06/01/2012, in German: 01.06.2012
Relevant Links and Information
Offical BSI Information
Work in Progress
Can be found in "Discussion".
Core Team
- Boris Hemkemeier,
- Kai Jendrian,
- Ralf Reinhardt,
Project Contributors
- Your name here ;-)--
Project Licence
Creative Commons Attribution ShareAlike 3.0
