Difference between revisions of "Category:OWASP Application Security Requirements Project"
Line 1: | Line 1: | ||
+ | {| style="width:100%" border="0" align="center" | ||
+ | ! colspan="7" align="center" style="background:#4058A0; color:white"|<font color="white">'''PROJECT IDENTIFICATION''' | ||
+ | |- | ||
+ | | style="width:15%; background:#7B8ABD" align="center"|'''Project Name''' | ||
+ | | colspan="6" style="width:85%; background:#cccccc" align="left"|<font color="black">'''OWASP Application Security Requirements Project''' | ||
+ | |- | ||
+ | | style="width:15%; background:#7B8ABD" align="center"| '''Short Project Description''' | ||
+ | | colspan="6" style="width:85%; background:#cccccc" align="left"| | ||
+ | * The intent of this project is to assemble a useful base of generic/common web application security requirements that could be used in most projects. | ||
+ | * The product of this project is intended to help all involved in web application security, whether it is project management, risk assessment, software development, testing, etc. | ||
+ | * The ''reason d'etre'' of this project is that, whilst security requirements are sometimes well captured and clearly defined, there are other times when they are not, for any number of reasons. | ||
+ | |- | ||
+ | | style="width:15%; background:#7B8ABD" align="center"|'''Email Contacts''' | ||
+ | | style="width:14%; background:#cccccc" align="center"|Project Leader<br>[mailto:matthew.chalmers(at)owasp.org '''Matthew Chalmers'''] | ||
+ | | style="width:14%; background:#cccccc" align="center"|Project Contributors<br>(if applicable)<br>[mailto:to(at)change '''Name&Email'''] | ||
+ | | style="width:14%; background:#cccccc" align="center"|[https://lists.owasp.org/mailman/listinfo/owasp-google-hacking '''Mailing List/Subscribe''']<br>[mailto:owasp-google-hacking(at)lists.owasp.org '''Mailing List/Use'''] | ||
+ | | style="width:14%; background:#cccccc" align="center"|First Reviewer<br>[mailto:name(at)name '''Name''']<br> | ||
+ | | style="width:14%; background:#cccccc" align="center"|Second Reviewer<br>[mailto:name(at)name '''Name'''] | ||
+ | | style="width:15%; background:#cccccc" align="center"|OWASP Board Member<br>(if applicable)<br>[mailto:name(at)name '''Name&Email'''] | ||
+ | |} | ||
+ | {| style="width:100%" border="0" align="center" | ||
+ | ! colspan="6" align="center" style="background:#4058A0; color:white"|<font color="white">'''PROJECT MAIN LINKS''' | ||
+ | |- | ||
+ | | style="width:100%; background:#cccccc" align="center"| | ||
+ | Repository on "Google Code" [http://code.google.com/p/googlehacking/] | ||
+ | |} | ||
+ | {| style="width:100%" border="0" align="center" | ||
+ | ! colspan="6" align="center" style="background:#4058A0; color:white"|<font color="white">'''RELATED PROJECTS''' | ||
+ | |- | ||
+ | | style="width:100%; background:#cccccc" align="center"| | ||
+ | * [[:Category:OWASP Testing Project|OWASP Testing Project/"Search Engine Reconnaissance" section]] | ||
+ | |} | ||
+ | {| style="width:100%" border="0" align="center" | ||
+ | ! colspan="6" align="center" style="background:#4058A0; color:white"|<font color="white">'''SPONSORS & GUIDELINES''' | ||
+ | |- | ||
+ | | style="width:50%; background:#cccccc" align="center"|Sponsor name, if applicable | ||
+ | | style="width:50%; background:#cccccc" align="center"|[[:Category:OWASP Google Hacking Project RoadMap|'''Project Guidelines/Roadmap''']] | ||
+ | |} | ||
+ | {| style="width:100%" border="0" align="center" | ||
+ | ! colspan="5" align="center" style="background:#4058A0; color:white"|ASSESSMENT AND REVIEW PROCESS | ||
+ | |- | ||
+ | | style="width:15%; background:#6C82B5" align="center"|'''Review/Reviewer''' | ||
+ | | style="width:21%; background:#b3b3b3" align="center"|'''Author's Self Evaluation'''<br>(applicable for Alpha Quality & further) | ||
+ | | style="width:21%; background:#b3b3b3" align="center"|'''First Reviewer'''<br>(applicable for Alpha Quality & further) | ||
+ | | style="width:21%; background:#b3b3b3" align="center"|'''Second Reviewer'''<br>(applicable for Beta Quality & further) | ||
+ | | style="width:22%; background:#b3b3b3" align="center"|'''OWASP Board Member'''<br>(applicable just for Release Quality) | ||
+ | |- | ||
+ | | style="width:15%; background:#7B8ABD" align="center"|'''First Review''' | ||
+ | | style="width:21%; background:#C2C2C2" align="center"|Objectives & Deliveries reached?<br>'''Not yet''' (To update)<br>---------<br>Which status has been reached?<br>'''Alpha Status''' - (To update)<br>---------<br>[[Project Information:template Google Hacking Project - First Review - Self Evaluation - A|See&Edit: First Review/SelfEvaluation (A)]] | ||
+ | | style="width:21%; background:#C2C2C2" align="center"|Objectives & Deliveries reached?<br>'''Not yet''' (To update)<br>---------<br>Which status has been reached?<br>'''Alpha Status''' - (To update)<br>---------<br>[[Project Information:template Google Hacking Project - First Review - First Reviewer - B|See&Edit: First Review/1st Reviewer (B)]] | ||
+ | | style="width:21%; background:#C2C2C2" align="center"|Objectives & Deliveries reached?<br>'''Yes/No''' (To update)<br>---------<br>Which status has been reached?<br>'''Alpha Status''' - (To update)<br>---------<br>[[Project Information:template Google Hacking Project - First Review - Second Reviewer - C|See&Edit: First Review/2nd Reviewer (C)]] | ||
+ | | style="width:22%; background:#C2C2C2" align="center"|Objectives & Deliveries reached?<br>'''Yes/No''' (To update)<br>---------<br>Which status has been reached?<br>'''Alpha Status''' - (To update)<br>---------<br>[[Project Information:template Google Hacking Project - First Review - OWASP Board Member - D|See/Edit: First Review/Board Member (D)]] | ||
+ | |- | ||
+ | |} | ||
+ | |||
+ | |||
==Overview== | ==Overview== | ||
OWASP believe that clearly articulating project-agnostic web application security requirements—providing both high-level/general and low-level/specific ''sine quibus non''—is the best way to ensure that software is developed with strong, robust, yet workable security guidance. | OWASP believe that clearly articulating project-agnostic web application security requirements—providing both high-level/general and low-level/specific ''sine quibus non''—is the best way to ensure that software is developed with strong, robust, yet workable security guidance. |
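Review bot: several cells in the added template still point at the Google Hacking project rather than this one: the mailing-list links (owasp-google-hacking), the "Google Code" repository (code.google.com/p/googlehacking/), the related-project entry for "Search Engine Reconnaissance", the roadmap category, and all four First Review links, which name "Google Hacking Project". Retarget these to the Application Security Requirements Project, or leave them as explicit placeholders like the "Name&Email" cells, so readers are not sent to another project's list and repository. The font tags opened in the table heading cells and in the Project Name cell are also never closed; close them, or drop the ones in the heading cells, where the cell style already sets color:white.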
Revision as of 16:05, 20 August 2008
| PROJECT IDENTIFICATION | | | | | | |
|---|---|---|---|---|---|---|
| Project Name | OWASP Application Security Requirements Project | | | | | |
| Short Project Description | | | | | | |
| Email Contacts | Project Leader<br>Matthew Chalmers | Project Contributors<br>(if applicable)<br>Name&Email | Mailing List/Subscribe<br>Mailing List/Use | First Reviewer<br>Name | Second Reviewer<br>Name | OWASP Board Member<br>(if applicable)<br>Name&Email |

| PROJECT MAIN LINKS |
|---|
| Repository on "Google Code" [1] |

| RELATED PROJECTS |
|---|

| SPONSORS & GUIDELINES | |
|---|---|
| Sponsor name, if applicable | Project Guidelines/Roadmap |

ASSESSMENT AND REVIEW PROCESS

| Review/Reviewer | Author's Self Evaluation<br>(applicable for Alpha Quality & further) | First Reviewer<br>(applicable for Alpha Quality & further) | Second Reviewer<br>(applicable for Beta Quality & further) | OWASP Board Member<br>(applicable just for Release Quality) |
|---|---|---|---|---|
| First Review | Objectives & Deliveries reached?<br>Not yet (To update)<br>Which status has been reached?<br>Alpha Status - (To update)<br>See&Edit: First Review/SelfEvaluation (A) | Objectives & Deliveries reached?<br>Not yet (To update)<br>Which status has been reached?<br>Alpha Status - (To update)<br>See&Edit: First Review/1st Reviewer (B) | Objectives & Deliveries reached?<br>Yes/No (To update)<br>Which status has been reached?<br>Alpha Status - (To update)<br>See&Edit: First Review/2nd Reviewer (C) | Objectives & Deliveries reached?<br>Yes/No (To update)<br>Which status has been reached?<br>Alpha Status - (To update)<br>See/Edit: First Review/Board Member (D) |

Overview
OWASP believe that clearly articulating project-agnostic web application security requirements—providing both high-level/general and low-level/specific sine quibus non—is the best way to ensure that software is developed with strong, robust, yet workable security guidance.
- The intent of this project is to assemble a useful base of generic/common web application security requirements that could be used in most projects.
- The product of this project is intended to help all involved in web application security, whether it is project management, risk assessment, software development, testing, etc.
- The raison d'être of this project is that, whilst security requirements are sometimes well captured and clearly defined, there are other times when they are not, for any number of reasons.
Joining the Project
If you are interested in volunteering for the project, or just have a comment or question, please join the OWASP AppSec Requirements mailing list.
Project Administrivia
This project was initiated around September of 2007 under the management of Jamie Fisher. The project was rechartered in August of 2008. The interim project manager is Matthew Chalmers.