Difference between revisions of "Projects/OWASP Proactive Controls/Roadmap"

From OWASP
Line 1: Line 1:
[[Category:OWASP Project|TODO: Top 10 Defenses Project]]
+
Welcome to the OWASP Top 10 Proactive Controls Project! This project is the comprehensive reference for all OWASP projects and application security in general. All of the materials here are free and open source.  
[[Category:OWASP Document]]
+
[[Category:OWASP Alpha Quality Document]]
+
 
+
Welcome to the OWASP TODO: Top 10 Defenses Project! This project is the comprehensive reference for all OWASP projects and application security in general. All of the materials here are free and open source.  
+
 
+
By now you can:
+
 
+
* TOC
+
* TBA
+
* Volunteer to help this project!
+
  
 
== Status ==
 
== Status ==
  
: We are currently seeking volunteers who will help developing stub/empty articles listed bellow and bring it up to a production level of quality. Join us now to take part in this historic effort, just drop a line to  [mailto:vanderaj@owasp.org Andrew van der Stock]!
+
: We are currently seeking volunteers who will help developing stub/empty articles listed bellow and bring it up to a production level of quality. Join us now to take part in this historic effort, just drop a line to  [mailto:jim@owasp.org Jim Manico]!
  
 
== What's In It? ==
 
== What's In It? ==
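Review bot: the replacement Status line keeps the wording errors of the line it replaces ("listed bellow", "help developing", "bring it up") while changing only the contact. Since the line is being rewritten anyway, correct it to "help develop the stub/empty articles listed below and bring them up to a production level of quality". The "By now you can:" list with its TOC and "Volunteer to help this project!" entries is also dropped without a replacement, so confirm that the volunteer call in Status is meant to be the only one left.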
Line 19: Line 9:
 
TBA
 
TBA
  
'''TODO: Top 10 Defenses Backlog'''
+
'''Top 10 Proactive Controls Backlog'''
  
 
* Volunteers
 
* Volunteers
Line 65: Line 55:
  
 
[[Category:TODO-Top10-Defenses|TODO: OWASP Top 10 Defenses Project]]
 
[[Category:TODO-Top10-Defenses|TODO: OWASP Top 10 Defenses Project]]
 +
[[Category:OWASP Project|TODO: Top 10 Defenses Project]]
 +
[[Category:OWASP Document]]
 +
[[Category:OWASP Alpha Quality Document]]
  
 
__NOTOC__
 
__NOTOC__
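Review bot: the category links moved to the end of the page still use the sort key "TODO: Top 10 Defenses Project", and the unchanged [[Category:TODO-Top10-Defenses|TODO: OWASP Top 10 Defenses Project]] link is left in place, although the welcome text and the backlog heading in this same revision were renamed to "Top 10 Proactive Controls". Update the sort key and the category name to the new project title, otherwise the page stays indexed under the placeholder name.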

Revision as of 17:19, 4 August 2013

Welcome to the OWASP Top 10 Proactive Controls Project! This project is the comprehensive reference for all OWASP projects and application security in general. All of the materials here are free and open source.

Status

We are currently seeking volunteers who will help develop the stub/empty articles listed below and bring them up to a production level of quality. Join us now to take part in this historic effort: just drop a line to Jim Manico!

What's In It?

TBA

Top 10 Proactive Controls Backlog

  • Volunteers
  • Roadmap
  1. Security Architecture (including incorporating agile ideas)
  2. Use (more) secure development frameworks and leverage enterprise frameworks (UAG, etc.)
  3. Input validation
  4. Output Encoding
  5. Identity: Authentication and Session Management
  6. Access Control (service / controller, data, URL, function / CSRF, presentation, etc)
  7. Data Protection (Data at rest, including in cloud)
  8. Audit, Logging and Error Handling
  9. Secure Configuration
  10. Secure Communications (Data in transit)


What's It For?

TBA

Why This Approach?

TBA

How Is It Maintained?

  • Agile creation - regular releases, time-boxed, no heavyweight (e.g. 1.0, 2.0) releases

TBA

Related Projects

TBA

Feedback and Participation:

We hope you find the OWASP TODO: OWASP Top 10 Defenses Project useful. Please contribute to the Project by volunteering for one of the tasks or by sending your comments, questions, and suggestions to vanderaj@owasp.org. To join the OWASP TODO: OWASP Top 10 Defenses Project mailing list or view the archives, please visit the subscription page.

Articles

TBA