Difference between revisions of "Principle template"

From OWASP
Jump to: navigation, search
(New page: ==Description== This is the structure of a Principle Article. Sections "Overview", "Abstract", "Discussion", "Required Resources" and "Plataform", if existent, should be properly describ...)
 
Line 1: Line 1:
 +
Every '''[[Principle]]''' should follow this template.
 +
 
==Description==
 
==Description==
  
This is the structure of a Principle Article.
+
A principle is a simple rule that helps to guide security decisions in complex situations.
 
+
# Start with a one-sentence description of the principle
Sections "Overview", "Abstract", "Discussion", "Required Resources" and "Plataform", if existent, should be properly describe here, without subsections.
+
# Describe the principle and how it should be applied to security decisions
 
+
In case of a "Exposure Period" section exists, it should be placed here as a subsection.
+
Ex:<nowiki>===Exposure Period===</nowiki>
+
  
  
 
==Examples==
 
==Examples==
  
===Example 1===
+
; Short example name
 +
: One paragraph example description with [http://www.site.com links]
  
 +
; Short example name
 +
: One paragraph example description with [http://www.site.com links]
  
===Example n===
 
  
 +
==Related [[Vulnerabilities]]==
  
==Likelihood of exploitation==
+
* [[Vulnerability 1]]
 +
* [[Vulnerabiltiy 2]]
  
  
==Technical Impacts==
+
==Related [[Countermeasures]]==
  
 
+
* [[Countermeasure 1]]
==Business Impacts==
+
* [[Countermeasure 2]]
  
  
 
==References==
 
==References==
  
 +
* [http://www.link1.com]
 +
* [http://www.link2.com Optional title here]
 +
 +
 +
When the article is reviewed, the "Honeycomb" category can be removed and replaced with the "ASDR" category
 +
<nowiki>[[Category:OWASP Honeycomb Project]]</nowiki>
 +
<nowiki>[[Category:OWASP ASDR Project]]</nowiki>
  
<nowiki>[[Category:XYZ]]</nowiki>
+
__NOTOC__
<nowiki>[[Category:XPTO]]</nowiki>
+

Revision as of 23:18, 12 February 2008

Every Principle should follow this template.

Description

A principle is a simple rule that helps to guide security decisions in complex situations.

  1. Start with a one-sentence description of the principle
  2. Describe the principle and how it should be applied to security decisions


Examples

Short example name
One paragraph example description with links
Short example name
One paragraph example description with links


Related Vulnerabilities


Related Countermeasures


References


When the article is reviewed, the "Honeycomb" category can be removed and replaced with the "ASDR" category [[Category:OWASP Honeycomb Project]] [[Category:OWASP ASDR Project]]