OWASP Security Frameworks Project

=Main=



{| style="padding: 0;margin:0;margin-top:10px;text-align:left;" |-
 * valign="top" style="border-right: 1px dotted gray;padding-right:25px;" |

OWASP Security Frameworks
The OWASP Security Frameworks Project is a series of design patterns that can be used by language designers and architects to create secure frameworks for developers, thereby relieving developers of the work of implementing security themselves.

Introduction
Write a description that is just a few paragraphs long

Description
This project is the outgrowth of several conversations I've had recently, and a presentation given at AppSec CA by Ken Johnson and Mike McCabe (both of whom are on board to help out). There will be some copying from other projects (like some of the cheat sheets), but ultimately our goal is to provide language independent advice targeted at enterprise architects and the people who design programming languages. The goal is to make security functionality a part of the framework that a developer builds upon, so that the developer doesn't have to do it him or herself.

Licensing
The OWASP Security Framework is free to use. It is licensed under the http://creativecommons.org/licenses/by-sa/3.0/ Creative Commons Attribution-ShareAlike 3.0 license], so you can copy, distribute and transmit the work, and you can adapt it, and use it commercially, but all provided that you attribute the work and if you alter, transform, or build upon this work, you may distribute the resulting work only under the same or similar license to this one.


 * valign="top" style="padding-left:25px;width:200px;border-right: 1px dotted gray;padding-right:25px;" |

What is the OWASP Security Frameworks Project?
OWASP Security Frameworks Project provides:


 * xxx
 * xxx

Presentation
Link to presentation

Project Leader
Ari Elias-Bachrach

Related Projects

 * OWASP_CISO_Survey


 * valign="top" style="padding-left:25px;width:200px;" |

Quick Download

 * Link to page/download

News and Events

 * [20 Nov 2013] News 2
 * [30 Sep 2013] News 1

In Print
This project can be purchased as a print on demand book from Lulu.com

Classifications

 * }

=FAQs=


 * Q1
 * A1


 * Q2
 * A2

= Acknowledgements =

Volunteers
XXX is developed by a worldwide team of volunteers. The primary contributors to date have been:


 * xxx
 * xxx

Others

 * xxx
 * xxx

= Road Map and Getting Involved = As of February 2014, the priorities are:

The plan is to develop a series of documents that cover the various features an architecture should provide. For example we'll have a document on XSS prevention, database access, authentication, CSRF prevention, etc. Each one will contain the design patterns that should be implemented in order to provide those functions in a secure manner. They'll each be free standing documents which can eventually be combined together into one large pdf or book when we're "done".

Involvement in the development and promotion of XXX is actively encouraged! You do not have to be a security expert in order to contribute. Some of the ways you can help:
 * xxx
 * xxx

=Project About=