This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "OWASP Product Requirement Recommendations Library"

From OWASP
Jump to: navigation, search
(Related Projects)
Line 13: Line 13:
 
-->
 
-->
  
 +
The OWASP Product Requirement Recommendations Library (PRRL) is a list of best practice recommended security product requirements that can be easily used for new web application definition and User Acceptance Testing (UAT) criteria.
  
 
==Description==
 
==Description==
  
The OWASP Product Requirement Recommendations Library is a list of best practice recommended security product requirements that can be easily used for new web application development projects.
+
The objectives of OWASP PRRL are to:
 +
<ul>
 +
<li>Improve end-product security design
 +
<li>Enable efficient application security consideration and definition in early PDLC phases Scoping and Design.
 +
    <ul>
 +
    <li>Reduce time and resource needs for project AppSec requirements discovery and definitions
 +
    </ul>
 +
<li>Improve application development and testing estimations for security best practice and regulatory compliance
 +
<li>Establish an industry recognized best practice benchmark standard that can be used evaluate application security designs
 +
<li>Make OWASP recommendations more accessible to business/non-technical stakeholders
 +
</ul>
  
 
==Licensing==
 
==Licensing==
Line 25: Line 36:
 
| valign="top"  style="padding-left:25px;width:200px;border-right: 1px dotted gray;padding-right:25px;" |
 
| valign="top"  style="padding-left:25px;width:200px;border-right: 1px dotted gray;padding-right:25px;" |
  
== What is OWASP Product Requirement Recommendations Library? ==
+
== What is PRRL? ==
 
 
 
<!--  
 
<!--  
 
Here you should add a short description of what your project actually does. What is the primary goal of your project, and why is it important?
 
Here you should add a short description of what your project actually does. What is the primary goal of your project, and why is it important?
Line 32: Line 42:
 
This document should serve as a guide to technical architects and designers outlining the fundamental principles of security.
 
This document should serve as a guide to technical architects and designers outlining the fundamental principles of security.
 
-->
 
-->
 +
 +
OWASP PRRL is working to develop:
 +
<ul>
 +
<li>OWASP Product Requirement Recommendations Library (PRRL)
 +
<li>Best Practice Application Security Work Flow Process Diagrams
 +
<li>Requirements Categorizations Taxonomy: Application Functionality, Risks, Controls
 +
<li>Application and Content Security Best Practices Resources Links
 +
</ul>
  
 
== Presentation ==
 
== Presentation ==
  
 
* [http://www.slideshare.net/rgrupe/owasp-prrl-overview Project Overview]
 
* [http://www.slideshare.net/rgrupe/owasp-prrl-overview Project Overview]
<!--
 
* In-work, very rough draft of Product Requirements Recommendations Document (PRRD) @ http://rgrupe.com/OWASP/OWASP_PPRD.xlsx (Recommendations tab)
 
-->
 
  
 
== Project Leader ==
 
== Project Leader ==
Line 57: Line 72:
 
| valign="top"  style="padding-left:25px;width:200px;" |
 
| valign="top"  style="padding-left:25px;width:200px;" |
  
 +
==Quick Download==
 +
<ul>
 +
<li>Coming 2015Q1: 1st draft of OWASP (PRRL)
 +
</ul>
 
<!-- Unused Sections  
 
<!-- Unused Sections  
Quick Download
 
This is where you can link to your repository.
 
 
 
In Print
 
In Print
 
This is where you place links to where your project product can be downloaded or purchased, in the case of a book.  
 
This is where you place links to where your project product can be downloaded or purchased, in the case of a book.  

Revision as of 20:12, 28 November 2014

OWASP Project Header.jpg

The OWASP Product Requirement Recommendations Library

The OWASP Product Requirement Recommendations Library (PRRL) is a list of best practice recommended security product requirements that can be easily used for new web application definition and User Acceptance Testing (UAT) criteria.

Description

The objectives of OWASP PRRL are to:

  • Improve end-product security design
  • Enable efficient application security consideration and definition in early PDLC phases Scoping and Design.
    • Reduce time and resource needs for project AppSec requirements discovery and definitions
  • Improve application development and testing estimations for security best practice and regulatory compliance
  • Establish an industry recognized best practice benchmark standard that can be used evaluate application security designs
  • Make OWASP recommendations more accessible to business/non-technical stakeholders

Licensing

Creative Commons Attribution ShareAlike 3.0

What is PRRL?

OWASP PRRL is working to develop:

  • OWASP Product Requirement Recommendations Library (PRRL)
  • Best Practice Application Security Work Flow Process Diagrams
  • Requirements Categorizations Taxonomy: Application Functionality, Risks, Controls
  • Application and Content Security Best Practices Resources Links

Presentation

Project Leader

Related Projects

Quick Download

  • Coming 2015Q1: 1st draft of OWASP (PRRL)

Classifications

New projects.png Owasp-builders-small.png
Owasp-defenders-small.png
Cc-button-y-sa-small.png
Project Type Files DOC.jpg

Retrieved from "https://wiki.owasp.org/index.php?title=OWASP_Product_Requirement_Recommendations_Library&oldid=186131"