
Difference between revisions of "Category:OWASP Application Security Requirements Project"

(10 intermediate revisions by 4 users not shown)
Line 1: Line 1:
[[:Category:OWASP Project|Click here to return to OWASP Projects page.]]
+
{|
 +
|-
 +
! width="700" align="center" | <br>
 +
! width="500" align="center" | <br>
 +
|-
 +
| align="right" | [[Image:OWASP Inactive Banner.jpg|800px| link=https://www.owasp.org/index.php/OWASP_Project_Stages#tab=Inactive_Projects]]
 +
| align="right" |
 +
 
 +
|}
 +
= Application Security Requirements Project =
 +
<!--- [[:Category:OWASP Project|Click here to return to OWASP Projects page.]]
 
[[:Project Information:template Application Security Requirements Project|Click here to see (& edit, if wanted) the template.]]  
 
[[:Project Information:template Application Security Requirements Project|Click here to see (& edit, if wanted) the template.]]  
{{:Project Information:template Application Security Requirements Project}}
+
{{:Project Information:template Application Security Requirements Project}}---->
[[Category:OWASP Project]]
+
 
 +
== Overview ==
 +
Clearly articulating project-agnostic application security requirements —both general and specific requirements — is the best way to ensure that software is developed under strong and workable security guidance
 +
 
 +
* '''Project purpose:''' To assemble a useful base of generic security requirements that could be used in most applications.
 +
* '''Intended audience:''' Every person involved in application security, but especially for those responsible of sytem analysis and design.
 +
* '''Project products:''' Deliverables would be business-focused, developed for Business Analysts and Project Managers rather than software developers.
 +
 
 +
= About =
 +
 
 +
{{:Projects/OWASP Application Security Requirements Project | Project About}}
 +
 
 +
= Roadmap =
 +
 
 +
We are just re-starting the project after a couple of years without any progress.
 +
We need all the help we can get to make this a successful project
  
==Overview==
+
== Short-term actions ==
OWASP believe that clearly articulating project-agnostic web application security requirements&mdash;providing both high-level/general and low-level/specific ''sine quibus non''&mdash;is the best way to ensure that software is developed with strong, robust, yet workable security guidance.
+
#. Identify (map from other owasp projects) categorization and prioritize
* The intent of this project is to assemble a useful base of generic/common web application security requirements that could be used in most projects.
+
#. Identify software development standards to document requirements
* The product of this project is intended to help all involved in web application security, whether it is project management, risk assessment, software development, testing, etc.
+
#. Define work plan
* The ''reason d'etre'' of this project is that, whilst security requirements are sometimes well captured and clearly defined, there are other times when they are not, for any number of reasons.
+
#. Define document's introduction (scope of the document, composition of the document)
 +
#. Write first draft related to web applications
 +
#. Review and adjust plan
  
==Joining the Project==
+
==Long-term actions==
If you are interested in volunteering for the project, or just have a comment or question, please join the OWASP AppSec Requirements [http://lists.owasp.org/mailman/listinfo/owasp-appsec-requirements mailing list].
+
* Write requirements for mobile applications
 +
* Write requirements for web services
 +
* Write requirements for mobile applications
  
==Project Administrivia==
+
<br> __NOTOC__ <headertabs />
This project was initiated around September of 2007 under the management of Jamie Fisher. The project was rechartered in August of 2008. The interim project manager is [[User:Mchalmers|Matthew Chalmers]].
 
  
[[Category:OWASP Project]]
+
[[Category:OWASP_Document]] [[Category:OWASP_Alpha_Quality_Document]]
 +
[[Category:OWASP Project|Application Security Requirements Project]]
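Review bot: In the added Long-term actions list, "Write requirements for mobile applications" appears as both the first and the third item, so one of the two is either a duplicate to drop or a placeholder for a different target that should be named. In the added Short-term actions list every item starts with `#.`; the period after `#` is rendered literally at the start of each numbered item, so a bare `#` is the right prefix. The added Intended audience line also contains "responsible of sytem analysis", which should read "responsible for system analysis".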

Latest revision as of 00:43, 27 July 2014




Overview

Clearly articulating project-agnostic application security requirements, both general and specific, is the best way to ensure that software is developed under strong and workable security guidance.

  • Project purpose: To assemble a useful base of generic security requirements that could be used in most applications.
  • Intended audience: Every person involved in application security, but especially those responsible for system analysis and design.
  • Project products: Deliverables would be business-focused, developed for Business Analysts and Project Managers rather than software developers.
Project info

  • Name: OWASP Application Security Requirements Project
  • Purpose: To assemble a useful base of generic security requirements that could be used in most applications.
  • License: Creative Commons Attribution ShareAlike 3.0 license
  • Project Pamphlet: Not Yet Created
  • Current release: Not Yet Published
  • Last reviewed release: Not Yet Reviewed

We are just re-starting the project after a couple of years without any progress. We need all the help we can get to make this a successful project.

Short-term actions

  1. Identify (map from other OWASP projects) categorization and prioritize
  2. Identify software development standards to document requirements
  3. Define work plan
  4. Define document's introduction (scope of the document, composition of the document)
  5. Write first draft related to web applications
  6. Review and adjust plan

Long-term actions

  • Write requirements for mobile applications
  • Write requirements for web services
  • Write requirements for mobile applications
