OWASP/Training/OWASP Manifesto for Governments

From OWASP
Revision as of 16:00, 18 July 2011 by Paulo Coimbra (Talk | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search
MODULE
OWASP Manifesto for Governments
Overview & Goal
 
  • The Open Web Application Security Project (OWASP) is a global and open community focused on improving the security of software systems and has chapters in cities around the world. This document presents the vision of the Brazilian OWASP community on how the governments can act to improve security on the Internet.
  • In this paper, we present suggestions and recommendations regarding public policy, legislation and other activities that we believe could contribute to improving the security of the Internet and related software applications.
  • The recommendations are divided according to the focus of each agency:

legislators, consumer protection bodies, control and audit bodies, teaching and research institutions, all public bodies.

  • The recommendations do not have dependencies on each other, but we believe that maximum efficiency occurs with the implementation of all recommendations. Improving security in the local Internet could bring several advantages for the country, such as the attraction of investment, training of the workforce and the development of an industry capable of exporting products and services with high added value.
  • The experts that participate in OWASP are willing to contribute to the country, to help it move in the right direction and, for example, could serve as an advisory body or provide a channel for liaison with foreign experts if necessary. The OWASP organization is non-profit, and all specialists involved are volunteers.

 

Contents Materials
 
  • Given the importance of software in today's economy, it is imperative that governments act to develop a market capable of producing software whose security level is appropriate to its intended usage and the importance of the information it will process or store. In this section, we list some recommendations of what can be done to improve the prospects for software security.
  • We believe that the actions proposed here have the potential to improve the security of software systems used by millions of people and also to promote a thriving industry able to put our country among the world leaders, creating prosperity and economic growth.