Projects/OWASP Testing Project/Releases/Testing Guide V 4.0/Roadmap

From OWASP
Revision as of 17:55, 16 July 2010 by Mmeucci (Talk | contribs)

Jump to: navigation, search
  • Project Roadmap
    • Introduce the new project to the testing Guide mailing list,
    • Involve the contributors: we need to involve also the final users of the Testing Guide (for example Banking Companies to understand how they would like to improve that).
    • Update the OWASP vulnerability database. I mean we can update this:
    • http://www.owasp.org/index.php/Testing_Checklist
    • Inserting new testing techniques, OWASP Top10 update: HTTP Verb tampering, HTTP Parameter Pollutions, URL Redirection, Insecure Direct Object References, Insecure Cryptographic Storage, Failure to Restrict URL Access, Insufficient Transport Layer Protection, Unvalidated Redirects and Forwards.
    • Create a test case for each test to perform using O2 platform
    • Review and improve all the sections in v3,
    • Create a more readable guide, eliminating some sections that are not really useful, Rationalize some sections as Session Management Testing,
    • Create a new section: Client side security and Firefox extensions testing.
  • Project Plan:
    • 17th July 2010: Start a brainstorming for the new index starting from "Release Description",
    • 5th August 2010: Create the new index and the new team,
    • 6th August 2010: Starting writing articles,
    • 15th September 2010: Starting the first review phase,
    • 15th October 2010: Starting writing articles II phase,
    • 15th November 2010: Starting the second review phase,
    • 15th December 2010: Create the RC1,
    • 15th January 2011: Release the version 4.