Difference between revisions of "ESAPI Documentation"

From OWASP
Jump to: navigation, search
(Documentation Plan)
(Documentation Plan)
Line 7: Line 7:
 
* Smaller Documents
 
* Smaller Documents
 
** ESAPI Executive Overview
 
** ESAPI Executive Overview
** FAQ
+
Audience: Executives<br>
 +
Purpose: To provide executives with an understanding of:
 +
* What ESAPI is? Goals.
 +
* Why an ESAPI is necessary. (App Sec is important/why/standardization)
 +
* The benefits of using an ESAPI? (Cost, ROI)
 +
* The current status of ESAPI? (Maturity, Stability, Licensing, Support)
 +
* Who created it, where it came from, credibility, who is using it?
 +
* How to adopt an ESAPI?
 +
Outline: (See Purpose)
 +
** FAQ (For non-users)
 +
Audience: Potential users of ESAPI<br>
 +
Purpose: To provide 'quick' hit, information about ESAPI<br>
 +
Topics: Summary of main points in the Executive Overview<br>
 +
** FAQ (For people using ESAPI)
 +
Audience (Technical people using ESAPI)<br>
 +
Purpose: To provide 'quick' hit, information about how to use ESAPI, and how to add ESAPI to or integrate ESAPI with your existing security controls.
 +
Outline:
 +
* How to use it the first time
 +
* Performance
 
<br>
 
<br>
 
* Larger Documents
 
* Larger Documents
 
** Getting Started Guide
 
** Getting Started Guide
** How to Create a Custom ESAPI for Your Organization
 
 
** How to Secure an Existing Application with ESAPI
 
** How to Secure an Existing Application with ESAPI
 
** How to Use ESAPI in a New Application
 
** How to Use ESAPI in a New Application
 +
** How to Create a Custom ESAPI for Your Organization
 
<br>
 
<br>
* Other
+
* Web pages
 
** Revamp the ESAPI Website
 
** Revamp the ESAPI Website
 +
** How will the ESAPI be updated and released.
 +
** CWEs addressed by ESAPI - Assigned to Steve Christy
 
** Features List
 
** Features List
 +
<br>
 +
* Other
 
** ESAPI Architecture/Design Guideline
 
** ESAPI Architecture/Design Guideline
 
** Assurance Argument [[ESAPI_Assurance]]
 
** Assurance Argument [[ESAPI_Assurance]]
** How will the ESAPI be updated and released.
 
** CWEs addressed by ESAPI
 

Revision as of 13:09, 11 December 2008

Overview

TODO

Documentation Plan

  • Smaller Documents
    • ESAPI Executive Overview

Audience: Executives
Purpose: To provide executives with an understanding of:

  • What ESAPI is? Goals.
  • Why an ESAPI is necessary. (App Sec is important/why/standardization)
  • The benefits of using an ESAPI? (Cost, ROI)
  • The current status of ESAPI? (Maturity, Stability, Licensing, Support)
  • Who created it, where it came from, credibility, who is using it?
  • How to adopt an ESAPI?

Outline: (See Purpose)

    • FAQ (For non-users)

Audience: Potential users of ESAPI
Purpose: To provide 'quick' hit, information about ESAPI
Topics: Summary of main points in the Executive Overview

    • FAQ (For people using ESAPI)

Audience (Technical people using ESAPI)
Purpose: To provide 'quick' hit, information about how to use ESAPI, and how to add ESAPI to or integrate ESAPI with your existing security controls. Outline:

  • How to use it the first time
  • Performance


  • Larger Documents
    • Getting Started Guide
    • How to Secure an Existing Application with ESAPI
    • How to Use ESAPI in a New Application
    • How to Create a Custom ESAPI for Your Organization


  • Web pages
    • Revamp the ESAPI Website
    • How will the ESAPI be updated and released.
    • CWEs addressed by ESAPI - Assigned to Steve Christy
    • Features List


  • Other