Difference between revisions of "OWASP Financial Information Exchange Security Project"

From OWASP
Jump to: navigation, search
m
m
Line 105: Line 105:
  
 
= Road Map and Getting Involved =
 
= Road Map and Getting Involved =
 +
== Road Map ==
 +
* Gather interested community members
 +
 +
* Develop check-list for penetration testing FIX (Financial Information Exchange) endpoints
 +
 +
* Develop best practice guidelines when implementing the FIX protocol (from a security perspective)
 +
 +
* Develop Java based FIX client to use when performing security review of FIX endpoint (kind of like ZapProxy but for FIX)
 +
 +
== Getting Involved ==
 
As of January 2014, the priorities are:
 
As of January 2014, the priorities are:
 
* Start work on the Java FIX Security tool
 
* Start work on the Java FIX Security tool

Revision as of 04:00, 3 December 2013

[edit]

OWASP Project Header.jpg

OWASP XXX

OWASP XXX is...

Introduction

Write a short introduction


Description

Write a description that is just a few paragraphs long


Licensing

OWASP XXX is free to use. It is licensed under the http://creativecommons.org/licenses/by-sa/3.0/ Creative Commons Attribution-ShareAlike 3.0 license], so you can copy, distribute and transmit the work, and you can adapt it, and use it commercially, but all provided that you attribute the work and if you alter, transform, or build upon this work, you may distribute the resulting work only under the same or similar license to this one.


What is XXX?

OWASP XXX provides:

  • xxx
  • xxx


Presentation

Link to presentation



Project Leader

Project leader's name


Related Projects


Quick Download

  • Link to page/download


News and Events

  • [20 Nov 2013] News 2
  • [30 Sep 2013] News 1


In Print

This project can be purchased as a print on demand book from Lulu.com


Classifications

Owasp-incubator-trans-85.png Owasp-builders-small.png
Owasp-defenders-small.png
Cc-button-y-sa-small.png
Project Type Files CODE.jpg

Q1
A1
Q2
A2

Volunteers

OWASP FIX Security is developed by a worldwide team of volunteers. The primary contributors to date have been:

  • Myles Hosford


Others

  • Join the project, get involved!

Road Map

  • Gather interested community members
  • Develop check-list for penetration testing FIX (Financial Information Exchange) endpoints
  • Develop best practice guidelines when implementing the FIX protocol (from a security perspective)
  • Develop Java based FIX client to use when performing security review of FIX endpoint (kind of like ZapProxy but for FIX)

Getting Involved

As of January 2014, the priorities are:

  • Start work on the Java FIX Security tool
  • Start work on the FIX Security best practice document

Involvement in the development and promotion of OWASP FIX Security is actively encouraged! You do not have to be a security expert in order to contribute. Some of the ways you can help:

  • FIX architects, let us know your security concerns and problems you face when deploying new FIX architecture.
  • Java developers, one of the projects deliverables is a Java FIX Security tool, any development help would be great!


PROJECT INFO
What does this OWASP project offer you?
RELEASE(S) INFO
What releases are available for this project?
what is this project?
Name: OWASP Financial Information Exchange Security Project
Purpose: The project focuses on the FIX protocol with the aim of developing a java client to be used during security assessments of custom FIX implementations The project will also produce best practice guidance for FIX protocol security.
License: Apache 2.0 License
who is working on this project?
Project Leader(s):
  • Myles Hosford @
how can you learn more?
Project Pamphlet: Not Yet Created
Project Presentation:
Mailing list: Mailing List Archives
Project Roadmap: View
Key Contacts
  • Contact Myles Hosford @ to contribute to this project
  • Contact Myles Hosford @ to review or sponsor this project
  • Contact the GPC to report a problem or concern about this project or to update information.
current release
Not Yet Published
last reviewed release
Not Yet Reviewed


other releases