Difference between revisions of "OWASP AJAX Security Project Roadmap"

From OWASP
Jump to: navigation, search
 
(3 intermediate revisions by 2 users not shown)
Line 1: Line 1:
 
The project's overall goal is to...
 
The project's overall goal is to...
  
   Identify and document security issues encountered by AJAX applications and document ways to secure these applications
+
   Identify and document security issues encountered by AJAX applications and document ways to securely develop these applications
  
 
In the near term, we are focused on the following tactical goals...
 
In the near term, we are focused on the following tactical goals...
  
 
# Gather existing presentations and pull ideas into the OWASP AJAX Security Project
 
# Gather existing presentations and pull ideas into the OWASP AJAX Security Project
# Review AJAX frameworks and identify security issues handled by these frameworks
 
 
# Review AJAX related literature (books, articles, ...)
 
# Review AJAX related literature (books, articles, ...)
# Document ways to secure AJAX applications  
+
# Review AJAX frameworks and identify security issues handled by these frameworks
 +
# Document security issues encountered AJAX applications
 +
# Document ways to test AJAX applications
 +
# Document ways to develop secure AJAX applications
 +
 
  
 
Here are the current tasks defined to help us achieve these goals
 
Here are the current tasks defined to help us achieve these goals
  
 
* Gather existing presentations and email messages and pull ideas into OWASP
 
* Gather existing presentations and email messages and pull ideas into OWASP
* We are currently working on reviewing Ajax frameworks/tools. The intent of the review is to provide an overview of the framework, the security risks and how the frameworks can be secured. The framework we are currently reviewing is the Google Web Toolkit[[1]]. If you have experience using GWT and/or are interested in participating in this review please contact us either though the mailing list or emailing mailto:rohini_sulatycki@yahoo.com
+
* We are currently working on reviewing Ajax frameworks/tools. The intent of the review is to provide an overview of the framework and the security issues handled by the framework. The framework we are currently reviewing is the '''Google Web Toolkit'''. If you have experience using GWT and/or are interested in participating in this review please contact us either though the mailing list or emailing mailto:rohini_sulatycki@yahoo.com
  
  
 
[[Category:OWASP AJAX Security Project]]
 
[[Category:OWASP AJAX Security Project]]

Latest revision as of 08:44, 24 February 2008

The project's overall goal is to...

 Identify and document security issues encountered by AJAX applications and document ways to securely develop these applications

In the near term, we are focused on the following tactical goals...

  1. Gather existing presentations and pull ideas into the OWASP AJAX Security Project
  2. Review AJAX related literature (books, articles, ...)
  3. Review AJAX frameworks and identify security issues handled by these frameworks
  4. Document security issues encountered AJAX applications
  5. Document ways to test AJAX applications
  6. Document ways to develop secure AJAX applications


Here are the current tasks defined to help us achieve these goals

  • Gather existing presentations and email messages and pull ideas into OWASP
  • We are currently working on reviewing Ajax frameworks/tools. The intent of the review is to provide an overview of the framework and the security issues handled by the framework. The framework we are currently reviewing is the Google Web Toolkit. If you have experience using GWT and/or are interested in participating in this review please contact us either though the mailing list or emailing mailto:rohini_sulatycki@yahoo.com