Category:OWASP CLASP Project
Welcome to the CLASP Project
CLASP (Comprehensive, Lightweight Application Security Process) provides a well-organized and structured approach for moving security concerns into the early stages of the software development lifecycle, whenever possible.
CLASP is actually a set of process pieces that can be integrated into any software development process. It is designed to be both easy to adopt and effective. It takes a prescriptive approach, documenting activities that organizations should be doing. It also provides an extensive wealth of security resources that make implementing those activities reasonable.
The goals of the OWASP CLASP Project are to make these materials widely available and to provide a forum for the community to contribute materials back to CLASP for the benefit of everyone. If you use CLASP now, have questions, or just have something else you'd like to share, give us a shout on the mailing list (coming soon) and let us know! In the meantime, please use the discussion page above.
CLASP provides detailed information of the following types:
- Seven key Best Practices that define CLASP
- Summaries of the high-level security Services that serve as a foundation
- Some core security Principles for software development
- High-level Roles that are typically involved in software development
- A collection of Activities to augment the development process to build more secure software
- Advice on Process Engineering and Roadmaps
- The lexicon of Vulnerabilities that occur in source code
- Checklisted Coding Guidelines to help developers and auditors when reviewing code
- A Glossary of terms and phrases common to application security
2006-05-24 - Added more materials to Wiki from CLASP. Enough should be up now (Thanks to the awesome work of Jeff, Jeremy) to qualify as 'critical mass'. --pravir
Everyone has something to contribute. From reading materials and fixing typos to contributing new sections of prose, we gladly welcome all help that's volunteered. For the ongoing list of items in flight, please look at the CLASP Project Todo List. Also, if you're unsure of how to help or want some guidance, please check out the CLASP Project's mailing list.