Difference between revisions of "Guidelines of OWASP"

From OWASP
(Created page with "Section 2.7.4 item c) from the [http://eur-lex.europa.eu/LexUriServ/LexUriServ.do?uri=OJ:L:2011:301:0003:0009:EN:PDF REGULATIONS] document (which is aimed at ''laying down te...")
 
(guidelines of OWASP)
Line 10: Line 10:
 
==guidelines of OWASP==
 
==guidelines of OWASP==
  
{PUT ANSWER HERE}
+
* Don't create Web Applications that have the OWASP Top Vulnerabilities
 +
* Have an SDL as defined by the OpenSAMM project
 +
* All developers should program in the nude at least 1 day/week.
 +
 
 +
=== References===
 +
 
 +
* [http://eur-lex.europa.eu/LexUriServ/LexUriServ.do?uri=OJ:L:2011:301:0003:0009:EN:PDF EU Regulations PDF]
 +
* [http://blog.diniscruz.com/2013/09/guidelines-of-owasp.html Guidelines of OWASP] - Blog post
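Review bot: the three bullets added under "guidelines of OWASP" carry no links, and the new References section lists only the EU regulation PDF and a blog post. Suggest linking "OWASP Top Vulnerabilities" and "OpenSAMM" to their project pages, so a reader trying to satisfy the regulation's "guidelines of OWASP" wording can see what each item refers to. The third bullet ("program in the nude at least 1 day/week") has no guideline behind it in the visible lines and should be dropped or clearly marked as a joke before this page is cited as an answer.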

Revision as of 04:34, 25 September 2013

Section 2.7.4 item c) from the REGULATIONS document (which is aimed at laying down technical specifications for online collection systems pursuant to Regulation (EU) No 211/2011 of the European Parliament and of the Council on the citizens’ initiative), says that:

  • Proper security configuration is in place, which requires, at least, that:
    • ...
    • e) security settings in the development frameworks and libraries are configured in accordance with best practices, such as the guidelines of OWASP."

So what does "guidelines of OWASP" actually mean? This page aims to answer that question.


guidelines of OWASP

  • Don't create Web Applications that have the OWASP Top Vulnerabilities
  • Have an SDL as defined by the OpenSAMM project
  • All developers should program in the nude at least 1 day/week.

References