Revision as of 16:08, 27 May 2006 by Jeff Williams (Talk | contribs)

Jump to: navigation, search

Application Security Activities

This category should be used to mark articles about application security activities. Application security activities are key practices that are performed during the software development lifecycle in order to reduce risk or increase assurance in an application. Note that these are just independent steps, and that they may be integrated into a number of different software development approaches.

Given that these activities must support many different development lifecycles, they should not be too tightly coupled. To the extent possible, they should be written to augment common software development practices. Differences applying the activity in different lifecycles should be noted.

Each article about an activity should document the following:

  • the name of the activity
  • the goal or expected outcome of the activity
  • when in the overall software development lifecycle the activity is typically performed
  • dependencies with other activities
  • the inputs required to perform the activity
  • the deliverables from the activity
  • the skills and tools necessary to perform the activity
  • the set of steps that comprise the activity
  • notes on applying the activity in common software development processes

How to add a new Activity article

You can follow the instructions to make a new Activity article. Please use the appropriate structure and follow the Tutorial. Be sure to paste the following at the end of your article to make it show up in the Activity category:


The OWASP CLASP Project is focused on developing and enhancing these activities. Check there to look for tasks or see if your idea is already part of our plan.


This category has the following 11 subcategories, out of 11 total.