Difference between revisions of "Category:OWASP Honeycomb Project"

(Undo changes.)
(How to use the information?)
Line 12: Line 12:
  
 
==How to use the information?==  
 
==How to use the information?==  
 +
 +
We're not sure all the ways that this information might be used. But we're sure that knowing how all the pieces fit together will help.
 +
 +
* Architects may want to use this information when [[threat modeling]] their applications. You'll want to identify combinations of threats, attacks, and vulnerabilities that apply to your system. Then you should select appropriate countermeasures and use the principles to help guide design decisions.
 +
 +
* Deveopers may want to use this information to learn about different vulnerabilities and to select coding guidelines for their project.
 +
 +
* Security researchers may want to use this framework to organize their thinking about security and help to ensure completeness.
  
 
[[Honeycomb User’s Guide]]
 
[[Honeycomb User’s Guide]]
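
Review bot: "Deveopers" in the second added bullet is a typo for "Developers". In the added intro sentence, "We're not sure all the ways" is missing a preposition; suggest "We're not sure of all the ways". The first added bullet also shifts from third person ("Architects may want") to second person ("You'll want"); pick one voice and use it across all three bullets.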

Revision as of 10:27, 25 July 2006

Overview

In the Honeycomb project, OWASP is assembling the most comprehensive and integrated guide ever attempted to the fundamental building blocks of application security (principles, threats, attacks, vulnerabilities, and countermeasures) through collaborative community efforts.

Background

  • What we are trying to accomplish?
  • The difficulties in organizing this information
  • The approach we’ve taken
  • Why our approach solves the problems?
  • Why the name Honeycomb?

How to use the information?

We're not sure of all the ways that this information might be used. But we're sure that knowing how all the pieces fit together will help.

  • Architects may want to use this information when threat modeling their applications. You'll want to identify combinations of threats, attacks, and vulnerabilities that apply to your system. Then you should select appropriate countermeasures and use the principles to help guide design decisions.
  • Developers may want to use this information to learn about different vulnerabilities and to select coding guidelines for their project.
  • Security researchers may want to use this framework to organize their thinking about security and help to ensure completeness.

Honeycomb User’s Guide

How to add an article into Honeycomb Project?

Volunteers Needed

Our current tactical goals are:

  • Fill in the contents of the stub honeycomb articles (those marked with {{Template:Stub}})
  • Refine the contents and structure of the honeycomb articles
  • Eliminate redundancy in the articles and categories

The following tasks are ready for volunteers:

  • Merge "Buffer overflow", "Buffer Overflow" and related redundant articles
  • Merge "Cross Site Scripting" and "Cross-site_scripting"
  • Merge "SQL Injection" and "SQL injection"

To find out more about how you can help, please go to OWASP Honeycomb Project Roadmap.

Roadmap

OWASP Honeycomb Project Roadmap

This article is a stub. You can help OWASP by expanding it or discussing it on its Talk page.

Subcategories

This category has the following 9 subcategories, out of 9 total.

Pages in category "OWASP Honeycomb Project"

This category contains only the following page.