Difference between revisions of "Category:OWASP AppSec FAQ Project"

(5 intermediate revisions by 2 users not shown)
Line 1: Line 1:
{| style="width:100%; background:white" align="center" border="0"| 
| colspan="4" style="width:100%; background:white" align="center" |
| style="width:10%; background:#white" align="center" | [[Image:Attention icon.png|50px]]
| style="width:80%; background:#white" align="center" |
This Project has been identified as an orphaned one.  If you find interest in assuming its lead, please contact the [[:Category:Global Projects Committee|Global Projects Committee]].
| style="width:10%; background:#white" align="center" | [[Image:Attention icon.png|50px]]
==== Main  ====
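Review bot: The three cells styled with `background:#white` (the two `Attention icon.png` cells and the notice cell between them) use an invalid CSS colour. `#` introduces a hex value and `#white` is not one, so the declaration will be ignored. Use `background:white`, as the `{|` line and the `colspan="4"` row already do. The visible lines also show no `|-` row separators and no closing `|}` for the table opened at `{|`, so check that the table is terminated before `==== Main ====`.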
Line 45: Line 38:
[[OWASP AppSec FAQ Project Roadmap]]
[[OWASP AppSec FAQ Project Roadmap]]
==== Project Details ====
[[Category:OWASP Project|AppSec FAQ Project]]
[[Category:OWASP Project|AppSec FAQ Project]]
Line 50: Line 45:
[[Category:OWASP Download]]
[[Category:OWASP Download]]
[[Category:OWASP Release Quality Document]]
[[Category:OWASP Release Quality Document]]
{{:GPC Project Details/OWASP AppSec FAQ Project | OWASP Project Identification Tab}}
__NOTOC__ <headertabs />

Revision as of 09:41, 29 October 2009



What is this FAQ about?

This FAQ answers some of the questions that developers have about Web Application Security. This FAQ is not specific to a particular platform or language. It addresses the common threats to web applications and is applicable to any platform.

What are these common threats to Web Applications?

While developing an application, most of us are focused on the functionality rather than security. Attackers take advantage of this by exploiting the application in a number of ways. Some of the common threats to web applications are SQL Injection, Cross Site Scripting, Variable Manipulation and exploitation of important features like Forgot Password. There are separate sections in this FAQ answering the common questions on these threats.

Who developed this FAQ?

This FAQ is an evolving document with contributions from the security community. Sangita Pakala and her team from Paladion Networks developed the first version of the FAQ and maintain this page.

How can I contribute to this FAQ?

We need your feedback and contributions to improve the FAQ. We'd love to hear from you about:

  • New questions to add to the FAQ
  • Better answers for current questions
  • New links to documents/tools
  • Suggestions to improve the FAQ

You can mail your contributions to appsecfaq@owasp.org.

See the full OWASP AppSec FAQ for all the details.

The OWASP FAQ is available for download in Word and PDF formats.

New! The Spanish language version of the FAQ is now available in Word and PDF formats. Many thanks to Juan Carlos and Alberto Pena for their fantastic Spanish translation work.

OWASP AppSec FAQ Project Roadmap

Project Details

What does this OWASP project offer you?
What is this project?
OWASP AppSec FAQ Project

Purpose: N/A

License: N/A

Who is working on this project?
Project Leader: Pete Niner @

Project Maintainer: Pete Niner @

Project Contributor(s): N/A

How can you learn more?
Project Pamphlet: N/A

3x slide Project Presentation: N/A

Mailing list: Subscribe or read the archives

Project Roadmap: To view, click here

Main links:

Project Health: Not Reviewed (Provisional)
To be reviewed under Assessment Criteria v2.0

Key Contacts
  • Contact Pete Niner @ to contribute, review or sponsor this project
  • Contact the GPC to report a problem or concern about this project or to update information.

Pages in category "OWASP AppSec FAQ Project"

The following 2 pages are in this category, out of 2 total.