OWASP Security Knowledge Framework
Slides of workshop DevOpsDays 2015 Amsterdam:
Check out the: Online Scrum Board
- Add code examples -> relevant knowledge-base items in results
- Add generic Selenium test cases for the pre-development and post-development security controls.
- Add current code examples and reference them in the advice of the pre-development and post-development items.
- Add CWE to checklists
- Add Python code examples
- Add Java code examples
- Explain the SDLC more in-depth on our website and OWASP wiki page.
- Add Go/Ruby/??? code examples
Submitting a Pull Request on GitHub:
1. Fork it.
2. Create a branch (git checkout -b my_markup)
3. Commit your changes (git commit -am "Added Snarkdown")
4. Push to the branch (git push origin my_markup)
5. Check the Travis status to confirm the build is still working
6. Open a Pull Request
One of the authors will check your sample code or knowledge-base item and add it to the master repo.
SKF uses the following services to assure the quality of the code and releases.
Test and Deploy with Confidence. Easily sync your GitHub projects with Travis CI and you'll be testing your code in minutes! SKF Build details:
DELIVER BETTER CODE. We help developers deliver code confidently by showing which parts of your code aren't covered by your test suite. SKF Coveralls details:
Why to use Scrutinizer. Improve code quality and find bugs before they hit production with our continuous inspection platform. Improve Code Quality. SKF Scrutinizer details:
Monitor HTTP(s), Ping, Port and check Keywords. Get alerted via e-mail, SMS, Twitter, web-hooks or push. View uptime, downtime and response times.
ssllabs.com & sslbadge.org
ssllabs.com: Bringing you the best SSL/TLS and PKI testing tools and documentation. https://www.ssllabs.com/ssltest/analyze.html?d=securityknowledgeframework.org
sslbadge.org: Creates a nice badge for your website SSL/TLS security settings based on the Qualys SSL Labs testing.