Difference between revisions of "ASDR Table of Contents"

From OWASP
Jump to: navigation, search
(Project)
Line 2: Line 2:
  
 
Contact [mailto:leonardocavallari@gmail.com Leonardo Cavallari] to volunteer to draft or review a section of the table of contents.  We will be releasing version 1.0 on April 1, 2008.
 
Contact [mailto:leonardocavallari@gmail.com Leonardo Cavallari] to volunteer to draft or review a section of the table of contents.  We will be releasing version 1.0 on April 1, 2008.
 +
 +
===Work Plan===
 +
 +
1)'''Candidate for articles development and review.'''
 +
 +
2)'''Identify Duplicate articles among sections.'''' We noticed there are articles classified as vulnerabilities but that are actually attacks, and vice-versa. The same happens within other categories.
 +
So, once one takes an article, let's say [[Cross Site Scripting]], he/she will need to lookup up all articles listed in TOC to identify related ones (like [[XSS]], [[Alternate XSS Syntax]], [[XSS in error pages]], [[XSS using Script Via Encoded URI Schemes]], etc) and check if it’s possible to merge them into a unique article.
 +
 +
Here, it'll be necessary some skills and good sense to decide if merging fits better than keep separated.
 +
 +
NOTE: We really encourage people to inform which articles were merged by inserting <nowiki>{{template:CandidateForDeletion}}</nowiki> at top of articles used to create one article, so we can clean up wiki when project is done.
 +
 +
3)'''Develop Stubs and incomplete articles.'''
 +
At time of writing, there are about 300 stub articles that deserve special attention. What we need here are some focused volunteers that can develop at least one article from the scratch, based on the related template. We know that are many smart guys (and some girls too :) ) reading this, so Let's Work it Out!
 +
 +
4)'''Identify and develop new articles''', mainly for [[Technical Impact]] and [[Business Impact]]. If you noticed that we are missing an article, please, let us know about it and fell free to develop it. We'll really appreciate!
 +
 +
5)'''Revision Phase''''. Once articles is finished, it will be tagged as "drafted" and then other volunteers will start revision it.
 +
 +
'''Last but not least: '''
 +
* Use the templates without deviations!
 +
* The '''Countermeasure''' Category is being replaced by '''Control''', so the references should be updated as well.
 +
*[[Attack]] articles are mostly completed (developed for [[SpoC_007_-_Attacks_Reference_Guide_-_Progress_Page SpoC 007]]) and need adjustment to new template.
 +
* Any article identified as erroneous or improper may be tagged with <nowiki>{{template:CandidateForDeletion}}</nowiki > at top of it, so we can review and make decision to remove it.
 +
* Any doubt, contact [mailto:leonardocavallari@gmail.com Leonardo Cavallari]!
  
 
==Templates==
 
==Templates==

Revision as of 06:45, 19 February 2008

Project

Contact Leonardo Cavallari to volunteer to draft or review a section of the table of contents. We will be releasing version 1.0 on April 1, 2008.

Work Plan

1)Candidate for articles development and review.

2)Identify Duplicate articles among sections.' We noticed there are articles classified as vulnerabilities but that are actually attacks, and vice-versa. The same happens within other categories. So, once one takes an article, let's say Cross Site Scripting, he/she will need to lookup up all articles listed in TOC to identify related ones (like XSS, Alternate XSS Syntax, XSS in error pages, XSS using Script Via Encoded URI Schemes, etc) and check if it’s possible to merge them into a unique article.

Here, it'll be necessary some skills and good sense to decide if merging fits better than keep separated.

NOTE: We really encourage people to inform which articles were merged by inserting {{template:CandidateForDeletion}} at top of articles used to create one article, so we can clean up wiki when project is done.

3)Develop Stubs and incomplete articles. At time of writing, there are about 300 stub articles that deserve special attention. What we need here are some focused volunteers that can develop at least one article from the scratch, based on the related template. We know that are many smart guys (and some girls too :) ) reading this, so Let's Work it Out!

4)Identify and develop new articles, mainly for Technical Impact and Business Impact. If you noticed that we are missing an article, please, let us know about it and fell free to develop it. We'll really appreciate!

5)Revision Phase'. Once articles is finished, it will be tagged as "drafted" and then other volunteers will start revision it.

Last but not least:

  • Use the templates without deviations!
  • The Countermeasure Category is being replaced by Control, so the references should be updated as well.
  • Attack articles are mostly completed (developed for SpoC_007_-_Attacks_Reference_Guide_-_Progress_Page SpoC 007) and need adjustment to new template.
  • Any article identified as erroneous or improper may be tagged with {{template:CandidateForDeletion}} at top of it, so we can review and make decision to remove it.
  • Any doubt, contact Leonardo Cavallari!

Templates

Here are the templates for the various types of articles:


Table of Contents

Forward

Section 1: Principles

Section 2: Threat Agents

Section 3: Attacks

Section 4: Vulnerabilities

Section 5: Controls

Section 6: Technical Impacts

Section 7: Business Impacts

Appendices