This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "OWASP Security Baseline Project"
From OWASP
(→Project Goals) |
|||
| (One intermediate revision by one other user not shown) | |||
| Line 1: | Line 1: | ||
| + | {| | ||
| + | |- | ||
| + | ! width="700" align="center" | <br> | ||
| + | ! width="500" align="center" | <br> | ||
| + | |- | ||
| + | | align="right" | [[Image:OWASP Inactive Banner.jpg|800px| link=https://www.owasp.org/index.php/OWASP_Project_Stages#tab=Inactive_Projects]] | ||
| + | | align="right" | | ||
| + | |||
| + | |} | ||
| + | |||
==== Main ==== | ==== Main ==== | ||
| Line 18: | Line 28: | ||
* Benchmarking security of tested solutions using OWASP security guidelines and tools (OWASP Web Testing Environment/OWASP Live CD, etc), open-source testing tools | * Benchmarking security of tested solutions using OWASP security guidelines and tools (OWASP Web Testing Environment/OWASP Live CD, etc), open-source testing tools | ||
| − | * Collaborating with | + | * Collaborating with software vendors on improving security of assessed frameworks/products/services |
* Increasing awareness on available OWASP resources (guidelines, tools,etc) | * Increasing awareness on available OWASP resources (guidelines, tools,etc) | ||
| − | |||
== Project Roadmap == | == Project Roadmap == | ||
Latest revision as of 23:51, 7 April 2016
| |
|
|---|---|
|
Main
Project Description
- Benchmark security of enterprise products/services against OWASP Top 10 (and other) Security Risks
- Open and comprehensive security assessments of enterprise products/services
- Guidance/support for vendor-independent security verification of enterprise products/services
Project Goals
- Establishing an OWASP community which actively identifies products/services and devises suitable security test plans
- actively identify => use/work with/test/research it
- Benchmarking security of tested solutions using OWASP security guidelines and tools (OWASP Web Testing Environment/OWASP Live CD, etc), open-source testing tools
- Collaborating with software vendors on improving security of assessed frameworks/products/services
- Increasing awareness on available OWASP resources (guidelines, tools,etc)
Project Roadmap
Alpha
- devise testing methodology mapping to OWASP Top 10 Security Risks, including test plan, techniques, tools, etc
- establish disclosure policy
Beta
- publish testing methodology
- publish major case study
- gather community support
Stable
- assess major products/services and publish the outcome
- collaborate with vendors to improve security of assessed solutions
- framework in pace for assessing other classes of products/services
- coordinate and publish community-validated results
Work in Progress
- Benchmarking Enterprise E-mail Security Solutions (including Google Message Security SaaS)
- Benchmarking Enterprise Social Networking Platforms
- ...
Call for Participation
Anyone with an interest in improving application security
- Security Engineers
- Security Analysts
- Penetration Testers
- Security Researchers
- Software Developers
- …
If you find an issue, don’t stop testing! There is a very good chance there are few more :)
Project About
| PROJECT INFO What does this OWASP project offer you? |
RELEASE(S) INFO What releases are available for this project? | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
| |||||||||||||||||||||||||||||||||||||
