This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "Projects/OWASP Supporting Legacy Web Applications in the Current Environment Project"

From OWASP
Jump to: navigation, search
Line 4: Line 4:
  
 
=What are legacy web applications=
 
=What are legacy web applications=
 
+
Legacy web applications are built in technologies, those technologies, that have been improved upon in terms of frameworks and key features since they were first built.
 
+
These are also the systems, the license for whose technologies, are expired, and it is no longer possible to either renew the licenses or to buy new licenses.
  
  
 
=Why do we still have them?=
 
=Why do we still have them?=
 
+
Legacy web applications are retained for a number if reasons, some of them being:
 +
1. Financial resources to replace these applications are not available, though there is a cost benefit in doing the same.
 +
2. The underlying architecture for the applications is complex and it is challenging to reconstruct the same.
 +
3. There are upstream and downstream elements dependent on this application and replacement of the central application will require replacement of all the connected applications.
  
  

Revision as of 02:43, 21 July 2013

Introduction

What are legacy web applications

Legacy web applications are built in technologies, those technologies, that have been improved upon in terms of frameworks and key features since they were first built. These are also the systems, the license for whose technologies, are expired, and it is no longer possible to either renew the licenses or to buy new licenses.


Why do we still have them?

Legacy web applications are retained for a number if reasons, some of them being: 1. Financial resources to replace these applications are not available, though there is a cost benefit in doing the same. 2. The underlying architecture for the applications is complex and it is challenging to reconstruct the same. 3. There are upstream and downstream elements dependent on this application and replacement of the central application will require replacement of all the connected applications.


What are the vulnerabilities?

What are the threats to these applications?

How do we address these risks in the current environment?

PROJECT INFO
What does this OWASP project offer you?
RELEASE(S) INFO
What releases are available for this project?
what is this project?
Name: OWASP Supporting Legacy Web Applications in the Current Environment Project (home page)
Purpose: Supporting Legacy Web Applications in the current environment.

Legacy web applications are a reality in life. Even now, there are several out there some of them supporting sensitive business area like banking, insurance, marketing and idea generation. As these applications get outsourced for maintenance, security becomes a crucial aspect both from a perspective of outsourcing and the inherent vulnerabilities of the web app. Added to this is the people aspect of lack of knowledge of security. Typically there is a gap between developers maintaining the application and the security personnel who help the developers in making the app more secure. I would like to highlight these challenges and bring forth the critical security points in legacy web apps.

License: CC-BY 3.0
who is working on this project?
Project Leader(s):
  • Shruti Kulkarni @
how can you learn more?
Project Pamphlet: Not Yet Created
Project Presentation:
Mailing list: Mailing List Archives
Project Roadmap: View
Key Contacts
  • Contact Shruti Kulkarni @ to contribute to this project
  • Contact Shruti Kulkarni @ to review or sponsor this project
current release
Not Yet Published
last reviewed release
Not Yet Reviewed


other releases