This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "Project Information:template Ruby on Rails Security Guide V2"

From OWASP

Jump to: navigation, search

Revision as of 18:06, 29 October 2008

PROJECT IDENTIFICATION
Project Name	OWASP Ruby on Rails Security Guide V2
Short Project Description	The last security guide for Rails was a great success, with a lot of more secure web applications and continued awareness in the community of security issues. The Ruby on Rails Security Project is the one and only source of information about Rails security topics, and I keep the community up-to-date with blog posts and conference talks in Europe. The Guide and the Project has been mentioned in several Rails books and web-sites. Version 1 of the Ruby on Rails Security Guide was sponsored by the SpoC 07, set the standard for OWASP programming language specific guides in terms of the topic outline and has been published as a book. Nevertheless I'm convinced that a more compact design and a "question-and-answer" style of writing will reach an even larger audience. Of course the new Guide will still include answers to the OWASP Top Ten security vulnerabilities. A lot has changed since the publishing of the first Guide. Some new security holes have been found, there are new advises and most importantly Rails version 2.0 has been released. The new Ruby on Rails Security Guide aims at providing an up-to-date coding and configuration guide for the Rails community.
Email Contacts	Project Leader Heiko Webers	Project Contributors (if applicable) Name&Email	Mailing List/Subscribe Mailing List/Use	First Reviewer Anthony Shireman Bio	Second Reviewer Steve Jones Bio	OWASP Board Member Name&Email

PROJECT IDENTIFICATION

Project Name

OWASP Ruby on Rails Security Guide V2

Short Project Description

The last security guide for Rails was a great success, with a lot of more secure web applications and continued awareness in the community of security issues. The Ruby on Rails Security Project is the one and only source of information about Rails security topics, and I keep the community up-to-date with blog posts and conference talks in Europe. The Guide and the Project has been mentioned in several Rails books and web-sites.

Version 1 of the Ruby on Rails Security Guide was sponsored by the SpoC 07, set the standard for OWASP programming language specific guides in terms of the topic outline and has been published as a book. Nevertheless I'm convinced that a more compact design and a "question-and-answer" style of writing will reach an even larger audience. Of course the new Guide will still include answers to the OWASP Top Ten security vulnerabilities.

A lot has changed since the publishing of the first Guide. Some new security holes have been found, there are new advises and most importantly Rails version 2.0 has been released. The new Ruby on Rails Security Guide aims at providing an up-to-date coding and configuration guide for the Rails community.

Email Contacts

Project Leader
Heiko Webers

Project Contributors
(if applicable)
Name&Email

Mailing List/Subscribe
Mailing List/Use

First Reviewer
Anthony Shireman
Bio

Second Reviewer
Steve Jones
Bio

OWASP Board Member
Name&Email

PROJECT MAIN LINKS
Download The Ruby on Rails Security Guide version 2 (If appropriate, links to be added)

RELATED PROJECTS
OWASP Web Application Security Put Into Practice

SPONSORS & GUIDELINES
Sponsor - OWASP Summer of Code 2008	Sponsored Project/Guidelines/Roadmap

ASSESSMENT AND REVIEW PROCESS
Review/Reviewer	Author's Self Evaluation (applicable for Alpha Quality & further)	First Reviewer (applicable for Alpha Quality & further)	Second Reviewer (applicable for Beta Quality & further)	OWASP Board Member (applicable just for Release Quality)
50% Review	Objectives & Deliveries reached? Yes, completed by 80% --------- See&Edit:50% Review/Self-Evaluation (A)	Objectives & Deliveries reached? Yes, updating formatting for final --------- See&Edit: 50% Review/1st Reviewer (C)	Objectives & Deliveries reached? Yes --------- See&Edit: 50%Review/2nd Reviewer (E)	X
Final Review	Objectives & Deliveries reached? Yes, 100%. --------- Which status has been reached? Release --------- See&Edit: Final Review/SelfEvaluation (B)	Objectives & Deliveries reached? Yes! --------- Which status has been reached? Final/Release Season of Code - --------- See&Edit: Final Review/1st Reviewer (D)	Objectives & Deliveries reached? Yes --------- Which status has been reached? Beta Season of Code - (To update) --------- See&Edit: Final Review/2nd Reviewer (F)	Objectives & Deliveries reached? Yes/No (To update) --------- Which status has been reached? Season of Code - (To update) --------- See/Edit: Final Review/Board Member (G)

Retrieved from "https://wiki.owasp.org/index.php?title=Project_Information:template_Ruby_on_Rails_Security_Guide_V2&oldid=45092"

@@ Line 56: / Line 56: @@
   | style="width:15%; background:#7B8ABD" align="center"|'''Final Review'''
   | style="width:21%; background:#C2C2C2" align="center"|Objectives & Deliveries reached?<br>Yes, 100%.<br>---------<br>Which status has been reached?<br>Release<br>---------<br>[[Project Information:template Ruby on Rails Security Guide V2 - Final Review - Self Evaluation - B|See&Edit: Final Review/SelfEvaluation (B)]]
-  | style="width:21%; background:#C2C2C2" align="center"|Objectives & Deliveries reached?<br>'''Yes!''' (To update)<br>---------<br>Which status has been reached?<br>'''Final/Release'''<br>'''Season of Code''' - (To update)<br>---------<br>[[Project Information:template Ruby on Rails Security Guide V2 - Final Review - First Reviewer - D|See&Edit: Final Review/1st Reviewer (D)]]
+  | style="width:21%; background:#C2C2C2" align="center"|Objectives & Deliveries reached?<br>'''Yes!''' <br>---------<br>Which status has been reached?<br>'''Final/Release'''<br>'''Season of Code''' - <br>---------<br>[[Project Information:template Ruby on Rails Security Guide V2 - Final Review - First Reviewer - D|See&Edit: Final Review/1st Reviewer (D)]]
   | style="width:21%; background:#C2C2C2" align="center"|Objectives & Deliveries reached?<br>'''Yes''' <br>---------<br>Which status has been reached?<br>'''Beta'''<br>'''Season of Code''' - (To update)<br>---------<br>[[Project Information:template Ruby on Rails Security Guide V2 - Final Review - Second Reviewer - F|See&Edit: Final Review/2nd Reviewer (F)]]
   | style="width:22%; background:#C2C2C2" align="center"|Objectives & Deliveries reached?<br>'''Yes/No''' (To update)<br>---------<br>Which status has been reached?<br>'''Season of Code''' - (To update)<br>---------<br>[[Project Information:template Ruby on Rails Security Guide V2 - Final Review - OWASP Board Member - G|See/Edit: Final Review/Board Member (G)]]
   |-
   |}

Difference between revisions of "Project Information:template Ruby on Rails Security Guide V2"

Revision as of 18:06, 29 October 2008

Navigation menu

Personal tools

Namespaces

Variants

Views

More

Search

Navigation

Reference

Tools