Summit 2011 Working Sessions/Session203

De OWASP
Saltar a: navegación, buscar

Global Summit 2011 Home Page
Global Summit 2011 Tracks

WS. individual projects.jpg OWASP Projects Security Bulletins
Please see/use the 'discussion' page for more details about this Working Session
Working Sessions Operational Rules - Please see here the general frame of rules.
WORKING SESSION IDENTIFICATION
Short Work Session Description Several of the current OWASP Code Projects have reached a point in maturity and acceptance where a cohesive strategy needs to be put in place for security vulnerabilities discovered in these projects.
Related Projects (if any)


Email Contacts & Roles Chair
Chris Schmidt @

Operational Manager
Mailing list
Subscription Page
WORKING SESSION SPECIFICS
Objectives
  1. Define a Disclosure Policy for OWASP Projects
  2. Define a strategy and policy for disclosing vulnerabilities to users
  3. Refine and Develop a template to be used for disclosing
  4. Identify a committee or leaders to head up this effort and maintain it

Venue/Date&Time/Model Venue/Room
OWASP Global Summit Portugal 2011
Date & Time


Discussion Model
participants and attendees

WORKING SESSION OPERATIONAL RESOURCES
Internet connectivity, projector, whiteboard

WORKING SESSION ADDITIONAL DETAILS
The focus of this working session will be to define or adopt a disclosure policy, define the framework for how security vulnerabilities should be reported and handled, and develop the rules of adherence and template for security bulletins.
WORKING SESSION OUTCOMES / DELIVERABLES
Proposed by Working Group Approved by OWASP Board

OWASP Project Disclosure Policy

After the Board Meeting - fill in here.

OWASP Security Bulletin Template

After the Board Meeting - fill in here.

OWASP Project Adherence Rules

After the Board Meeting - fill in here.

After the Board Meeting - fill in here.

After the Board Meeting - fill in here.

After the Board Meeting - fill in here.

After the Board Meeting - fill in here.

After the Board Meeting - fill in here.

Working Session Participants

(Add you name by clicking "edit" on the tab on the upper left side of this page)

WORKING SESSION PARTICIPANTS
Name Company Notes & reason for participating, issues to be discussed/addressed
Paulo Coimbra @
OWASP Foundation
OWASP Project Manager