OWASP Proactive Controls

Revision as of 04:49, 10 March 2013 by Jmanico (talk | contribs)

Jump to: navigation, search
What does this OWASP project offer you?
What releases are available for this project?
what is this project?
Name: OWASP Proactive Controls (home page)
Purpose: A Top 10 like document, phrased in a positive, testable manner that describes the Top 10 controls architects and developers should absolutely, 100% include in every project.
License: Creative Commons Attribution ShareAlike 3.0 License
who is working on this project?
Project Leader(s):
how can you learn more?
Project Pamphlet: Not Yet Created
Project Presentation:
Mailing list: Mailing List Archives
Project Roadmap: View
Key Contacts
  • Contact the GPC to report a problem or concern about this project or to update information.
current release
Not Yet Published
last reviewed release
Not Yet Reviewed

other releases


Access Control



Mostly output encoding to stop injection

Query Parameterization

Special case due to how bad SQLi is

Data Protection

Secure Requirements

Secure Architecture

Secure Design

Like forgot password workflow, and other workflows that fall outside of basic requirements and architecture

Secure Configuration

At rest and in transit