Difference between revisions of "Category:OWASP Application Security Requirements Project"

From OWASP
Jump to: navigation, search
(Application Security Requirements Overview)
Line 1: Line 1:
==About==
+
==Overview==
 +
OWASP believe that clearly articulating project-agnostic web application security requirements—providing both high-level/general and low-level/specific ''sine quibus non''—is the best way to ensure that software is developed with strong, robust, yet workable security guidance.
  
The intention of the OWASP Application Security Requirements project is to assemble a comprehensive list of generic (document) application security requirements that could be used in most projects.
+
* The intent of this project is to assemble a useful base of generic/common web application security requirements that could be used in most projects.
 
+
* The product of this project is intended to help all involved in web application security, whether it is project management, risk assessment, software development, testing, etc.
The output of the guide is intended to help all involved in application security, whether its project management, risk assessment, development, testing, etc.
+
* The ''reason d'etre'' of this project is that, whilst security requirements are sometimes well captured and clearly defined, there are other times when they are not, for any number of reasons.
 
+
The reason for this project is that while security requirements are sometimes captured well and defined clearly, I feel there are other times when they may not, for any number of reasons.
+
 
+
OWASP believe that clearly articulating an application security requirements guide detailing both high-level and specific requirements is the best way to ensure that a strong, robust yet workable guide can become default in all aspects of application security.
+
  
 
==Joining the Project==
 
==Joining the Project==
If you are interested in volunteering for the project, or have a comment, question, or suggestion, please join the Application Security Requirements [http://lists.owasp.org/mailman/listinfo/owasp-appsec-requirements mailing list].
+
If you are interested in volunteering for the project, or just have a comment or question, please join the OWASP AppSec Requirements [http://lists.owasp.org/mailman/listinfo/owasp-appsec-requirements mailing list].
 
+
==Application Security Requirements Overview==
+
 
+
The intention of the OWASP Application Security Requirements project is to assemble a comprehensive list of generic (document) application security requirements that could be used in most projects.
+
  
[[Category:Technology]]
+
==Project Administrivia==
 +
This project was initiated around September of 2007 under the management of Jamie Fisher. The project was rechartered in August of 2008. The interim project manager is [[User:Mchalmers|Matthew Chalmers]].
  
 
[[Category:OWASP Project]]
 
[[Category:OWASP Project]]

Revision as of 22:58, 7 August 2008

Overview

OWASP believe that clearly articulating project-agnostic web application security requirements—providing both high-level/general and low-level/specific sine quibus non—is the best way to ensure that software is developed with strong, robust, yet workable security guidance.

  • The intent of this project is to assemble a useful base of generic/common web application security requirements that could be used in most projects.
  • The product of this project is intended to help all involved in web application security, whether it is project management, risk assessment, software development, testing, etc.
  • The reason d'etre of this project is that, whilst security requirements are sometimes well captured and clearly defined, there are other times when they are not, for any number of reasons.

Joining the Project

If you are interested in volunteering for the project, or just have a comment or question, please join the OWASP AppSec Requirements mailing list.

Project Administrivia

This project was initiated around September of 2007 under the management of Jamie Fisher. The project was rechartered in August of 2008. The interim project manager is Matthew Chalmers.

Media in category "OWASP Application Security Requirements Project"

This category contains only the following file.