
Difference between revisions of "OWASP API Security Project"

m
m
Line 12: Line 12:
  
 
== How To Help ==
 
== How To Help ==
Our [https://lists.owasp.org/mailman/listinfo/owasp_framework_security_project mailing list] will be set up shortly. Please standby for further information, or contact [https://www.owasp.org/index.php/User:David_Shaw David Shaw] directly.
+
Our mailing list will be set up shortly. Please standby for further information, or contact [https://www.owasp.org/index.php/User:David_Shaw David Shaw] directly.
  
 
== Roadmap ==
 
== Roadmap ==
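
Review bot: the changed "How To Help" line still reads "Please standby", which should be the verb form "Please stand by"; fix it in the same edit. The removed link pointed at the owasp_framework_security_project list rather than a list for this project, so unlinking "mailing list" until the project's own list exists is reasonable, but the sentence then leaves the David Shaw user page as the only contact path and it would help to say so explicitly.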

Revision as of 20:13, 9 October 2015




Project Goal

The OWASP API Security Project is intended to help software developers create and deploy resilient APIs, and to help security assessors understand the subtle risks to which many APIs are vulnerable. The first goal of this project will be to create the OWASP Top Ten API Risks, which will act similarly to other OWASP "Top Ten" documents.

How To Help

Our mailing list will be set up shortly. Please stand by for further information, or contact David Shaw directly.

Roadmap

  1. Research - The first stage of this project is to reach out to software developers and security auditors in order to gather information that will be used to create the OWASP Top Ten API Risks document.
  2. Creation of Top Ten Risks - The second stage of this project is to create the Top Ten deliverable, in order to both provide value to the security community, and to gather more publicity about the project.
  3. Creation of API Security Guides - The third stage of this project is to create in-depth technical documentation, both based on the Top Ten lists and other risks associated with APIs, that will be able to help developers avoid common pitfalls, and help security assessors evaluate APIs in a meaningful way.