Difference between revisions of "OWASP .Net Project Roadmap"

From OWASP
Jump to: navigation, search
Line 14: Line 14:
  
 
* The [[.NET Security Cheat Sheet]]
 
* The [[.NET Security Cheat Sheet]]
* .NET Penetration Testing
+
* [[.NET Penetration Testing]]
  
 
Topics that require content creation include:
 
Topics that require content creation include:

Revision as of 18:21, 29 March 2014

Themes

The themes of the .NET Project include:

  • Deep, rich guidance for .NET developers in using the security features of .NET
  • Guidance for use of OWASP components that are designed for use with .NET
  • Information about working with and on OWASP tools built using .NET

Features

Features are parts of the project at a very high level.

Guidance

Guidance is documentation that assists .NET developers impleenting the security features of the framework. Current examples include:

Topics that require content creation include:

  • Rfc2898DeriveBytes for PBKDF2
  • WIF
  • AntiXssEncoder
  • DPAPI
  • Exception handling
  • Anti CSRF
  • Memory Management
  • ClickOnce Deployment

Components

Components are pieces of software that assist .NET developers in building more secure code. Many updates are needed:

  • ESAPI.NET
  • .NET CSRF Guard
  • AntiSamy .NET

Projects that use .NET

These are projects that happen to be built in .NET and could use .NET development assistance

  • O2
  • WebGOAT.NET

Ideas

Please send your ideas to the OWASP.Net mailing list (owasp-dotnet@lists.owasp.org)