Difference between revisions of "OWASP Security JDIs Project"

From OWASP
Jump to: navigation, search
m
m
Line 1: Line 1:
=Main=
+
==Overview==
  
==Background==
+
The aim of this project is to build up a [[OWASP_Security_JDIs|collection of practical solutions]] to specific security problems.
 
+
The aim of this project is to build up a libary of practical solutions to specific security problems.
+
  
 
Rather than give explanations of security issues and defensive techniques - something which is done by Cheat Sheets and HOWTOs -  
 
Rather than give explanations of security issues and defensive techniques - something which is done by Cheat Sheets and HOWTOs -  
Line 13: Line 11:
 
* practical, if limited, solutions for developers without them first having to become an expert in the problem space - something which time often does not permit
 
* practical, if limited, solutions for developers without them first having to become an expert in the problem space - something which time often does not permit
 
* usable code which can be a practical introduction to defensive technologies, such as ESAPI, AntiSamy, etc.
 
* usable code which can be a practical introduction to defensive technologies, such as ESAPI, AntiSamy, etc.
 
 
==The Process==
 
  
 
The project will
 
The project will
Line 21: Line 16:
 
# adopt solutions already developed by developers and/or security specialists which they would like to share.
 
# adopt solutions already developed by developers and/or security specialists which they would like to share.
  
 +
=Project Pages=
 +
 +
[[OWASP_Security_JDIs| JDI Collection]]
  
=JDIs=
+
[[OWASP_Security_JDI_Process | Development Process]]
{{:OWASP_Security_JDIs}}
+
  
=Process=
+
[[OWASP_Security_JDI_Pro-forma | JDI Pro-forma]]
{{:OWASP_Security_JDI_Process}}
+
  
=JDI Pro-forma=
+
[[Projects/OWASP_Security_JDIs_Project | OWASP Project Page]]
{{:OWASP_Security_JDI_Pro-forma}}
+
  
=Project Page=
 
{{:Projects/OWASP_Security_JDIs_Project}}
 
  
 
[[Category:OWASP Project]]
 
[[Category:OWASP Project]]
  
__NOTOC__ <headertabs />
+
__NOTOC__

Revision as of 12:55, 7 May 2013

Overview

The aim of this project is to build up a collection of practical solutions to specific security problems.

Rather than give explanations of security issues and defensive techniques - something which is done by Cheat Sheets and HOWTOs - the JDIs will consist of detailed, explicit instructions addressing specific issues using specific technology.

Like recipes, a JDI may suit some tastes more than others and, again like recipes, there can be more than one JDI for the same problem.

The benefits will be

  • practical, if limited, solutions for developers without them first having to become an expert in the problem space - something which time often does not permit
  • usable code which can be a practical introduction to defensive technologies, such as ESAPI, AntiSamy, etc.

The project will

  1. endeavour to source a suitable solutions to specific, practical problems on request, and
  2. adopt solutions already developed by developers and/or security specialists which they would like to share.

Project Pages

JDI Collection

Development Process

JDI Pro-forma

OWASP Project Page