OWASP CLASP Project Roadmap
Revision as of 01:35, 28 May 2006 by Pravir Chandra
The OWASP CLASP Project's overall goal is to...
Reinforce application security through a set of prescriptive and proactive process components that are adaptable to any development model.
In the near term, we are focused on the following tactical goals...
- Porting all of the CLASP v1.2 materials to the OWASP wiki
- Generating more introductory materials to help users get started with CLASP
- Enhancing the vulnerability catalog with more information (descriptions, examples, etc.)
- Add 'Activity Assessment View' stuff to each CLASP activity (???)
- Add 'Coding Guidelines' from CLASP to stubbed wiki page (???)
- Add 'Vulnerability Use Cases' stuff from CLASP to Wiki (Jeremy)
- Port OWASP Guide to Wiki (Weilin)
- [DONE] Add 'Role-Based View' stuff from CLASP to Wiki (Jeremy)
- [DONE] Integrate 'CLASP resources' (principles, etc) stuff from CLASP to Wiki (Pravir)
- [DONE] Create a better OWASP CLASP Project page (Pravir)
- [DONE] Add CLASP Categories for 'Roles' 'Activities' (Pravir)
- [DONE] Add user for change notification after mail is working (Pravir)
- [DONE] Get the Word doc downloads posted (Pravir)
- [DONE] Add a proper Roadmap for the CLASP Project (Pravir)
- The Category:CLASP Activity is redundant with Category:OWASP CLASP Project and Category:Activity. I suggest we remove it.
- I added it since Category:Activity has a few other items in addition to Category:CLASP Activity (for example, Deployment, Configuration, etc.). My thought was that those are good things to have linked to a general 'Activity' category, but for CLASP, it's redundant and doesn't fit in to the overall picture since it's more high-level. Thus, it made sense to keep the CLASP activities collected in one place as well as mapping them up to the more general 'Activity' category. (Pravir Chandra)