Difference between revisions of "Guidelines of OWASP"

From OWASP
Jump to: navigation, search
(Added my suggestion)
 
Line 8: Line 8:
  
  
== Dinnis Cruz' Guidelines of OWASP==
+
===What about===
  
* Don't create Web Applications that have the OWASP Top Vulnerabilities
+
The six OWASP Guides constitute the guidelines:
* Have an SDL as defined by the OpenSAMM project
+
* All developers should program in the nude at least 1 day/week (Stephen de Vries idea, designed to help developers have more empathy with the 'nude state' of the applications they are developing)
+
 
+
 
+
== Colin Watson's Guidelines of OWASP ==
+
 
+
I think the six OWASP Guides constitute the guidelines:
+
  
 
* CISO Guide
 
* CISO Guide
Line 31: Line 24:
 
== Your ideas ==
 
== Your ideas ==
  
 
+
* Owasp top 10??
  
  

Latest revision as of 17:20, 17 October 2013

Section 2.7.4 item c) from the REGULATIONS document (which is aimed at laying down technical specifications for online collection systems pursuant to Regulation (EU) No 211/2011 of the European Parliament and of the Council on the citizens’ initiative), says that:

  • Proper security configuration is in place, which requires, at least, that:
    • ...
    • e) security settings in the development frameworks and libraries are configured in accordance with best practices, such as the guidelines of OWASP."

So what does guidelines of OWASP actually means? This page aims at answering that question


What about

The six OWASP Guides constitute the guidelines:

  • CISO Guide
  • Development Guide
  • Code Review Guide
  • Testing Guide
  • Verification Standard Guide
    • Part 1 - ASVS for Web Applications
  • Secure SDLC Guide (i.e. SAMM)


Your ideas

  • Owasp top 10??


References