Difference between revisions of "OWASP .Net Project Roadmap"

From OWASP
Jump to: navigation, search
Line 33: Line 33:
 
* ESAPI.NET
 
* ESAPI.NET
 
* .[[.Net CSRF Guard]]
 
* .[[.Net CSRF Guard]]
* [[AntiSamy .NET]]
+
* [[OWASP AntiSamy Project .NET]]
  
 
== Projects that use .NET ==
 
== Projects that use .NET ==

Revision as of 18:22, 29 March 2014

Themes

The themes of the .NET Project include:

  • Deep, rich guidance for .NET developers in using the security features of .NET
  • Guidance for use of OWASP components that are designed for use with .NET
  • Information about working with and on OWASP tools built using .NET

Features

Features are parts of the project at a very high level.

Guidance

Guidance is documentation that assists .NET developers impleenting the security features of the framework. Current examples include:

Topics that require content creation include:

  • Rfc2898DeriveBytes for PBKDF2
  • WIF
  • AntiXssEncoder
  • DPAPI
  • Exception handling
  • Anti CSRF
  • Memory Management
  • ClickOnce Deployment

Components

Components are pieces of software that assist .NET developers in building more secure code. Many updates are needed:

Projects that use .NET

These are projects that happen to be built in .NET and could use .NET development assistance

  • O2
  • WebGOAT.NET

Ideas

Please send your ideas to the OWASP.Net mailing list (owasp-dotnet@lists.owasp.org)