
Talk:Summit 2011 Working Sessions/Session068

Revision as of 18:36, 8 February 2011 by Spinkham

Apparently there was a collaboration link posted for the session? Can anyone put that here for reference?

I'll put my $0.02 here in the meantime.

We should make the easy stuff go away, have the hard stuff well documented, and go to where devs are. They're too busy to come to us.

What can be solved by a framework or CSP flag should be, and what can't should be documented in the framework or language docs. Simply put, if you want to give devs security information, it needs to be in the places the devs go. That can include links to external resources for more details, but the first place the dev goes to for examples and documentation has to cover security well.

OWASP needs to connect with publishers to further that goal.

-- SPinkham