This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "OWASP Threat Model Project"
From OWASP
(another batch of initial updates) (Tag: Visual edit) |
(more content) (Tag: Visual edit) |
||
Line 8: | Line 8: | ||
==The OWASP Threat Model Project== | ==The OWASP Threat Model Project== | ||
− | + | This is a documentation project. We aim to centralise any and all information on threat modeling in this project. | |
+ | |||
+ | All threat model methodologies answer one or more of the following questions: | ||
+ | # What are we building? | ||
+ | # What can go wrong? | ||
+ | # What are we going to do about that? | ||
+ | # Did we do a good enough job? | ||
+ | |||
+ | This project will gather techniques, methodologies, tools and examples. We will assign one or more categories to these reflecting the four questions. This will allow people to easily find back information they are interested in. | ||
+ | |||
+ | Example: if you are looking for different diagramming techniques you will want to look for all the techniques answering question 1. | ||
'''Guiding principles:''' | '''Guiding principles:''' | ||
Line 110: | Line 120: | ||
= Road Map = | = Road Map = | ||
− | * 2017 - 11: Release website with info that was agreed upon, add links to google docs for all open content | + | * 2017 - 11: Release website with info that was agreed upon during the OWASP 2017 Summit in London, add links to google docs for all open content |
* 2017 - 12: Add all content from summit, contributor list and examples | * 2017 - 12: Add all content from summit, contributor list and examples | ||
* 2018 - 01: Add contributor list, finish cheat sheets | * 2018 - 01: Add contributor list, finish cheat sheets |