Difference between revisions of "TODO: Top 10 Defenses"

From OWASP
Jump to: navigation, search
(Replaced content with "moved to [https://www.owasp.org/index.php/Projects/OWASP_Proactive_Controls/Roadmap https://www.owasp.org/index.php/Projects/OWASP_Proactive_Controls/Roadmap].")
 
Line 1: Line 1:
{{:Project Information:template TODO: Top 10 Defenses Project}}
+
moved to [https://www.owasp.org/index.php/Projects/OWASP_Proactive_Controls/Roadmap https://www.owasp.org/index.php/Projects/OWASP_Proactive_Controls/Roadmap].
[[Category:OWASP Project|TODO: Top 10 Defenses Project]]
+
[[Category:OWASP Document]]
+
[[Category:OWASP Alpha Quality Document]]
+
 
+
=The OWASP TODO: Top 10 Defenses=
+
 
+
Welcome to the OWASP TODO: Top 10 Defenses Project! This project is the comprehensive reference for all OWASP projects and application security in general. All of the materials here are free and open source.
+
 
+
By now you can:
+
 
+
* TOC
+
* TBA
+
* Volunteer to help this project!
+
 
+
== Status ==
+
 
+
: We are currently seeking volunteers who will help developing stub/empty articles listed bellow and bring it up to a production level of quality. Join us now to take part in this historic effort, just drop a line to  [mailto:vanderaj@owasp.org Andrew van der Stock]!
+
 
+
== What's In It? ==
+
 
+
TBA
+
 
+
'''TODO: Top 10 Defenses Backlog'''
+
 
+
* Volunteers
+
* Roadmap
+
 
+
# Security Architecture (including incorporating agile ideas)
+
# Use a (more) secure development frameworks and leverage enterprise frameworks (UAG, etc)
+
# Input validation
+
# Output Encoding
+
# Identity: Authentication and Session Management
+
# Access Control (service / controller, data, URL, function / CSRF, presentation, etc)
+
# Data Protection (Data at rest, including in cloud)
+
# Audit, Logging and Error Handling
+
# Secure Configuration
+
# Secure Communications (Data in transit)
+
 
+
 
+
== What's It For? ==
+
 
+
TBA
+
 
+
== Why This Approach? ==
+
 
+
TBA
+
 
+
== How Is It Maintained? ==
+
 
+
* Agile creation - regular releases, time boxed, no heavy weight (e.g. 1.0 2.0) releases
+
 
+
TBA
+
 
+
==Related Projects==
+
 
+
TBA
+
 
+
== Feedback and Participation: ==
+
 
+
We hope you find the OWASP TODO: OWASP Top 10 Defenses Project useful. Please contribute to the Project by volunteering for one of the tasks, sending your comments, questions, and suggestions to vanderaj@owasp.org.  To join the OWASP TODO: OWASP Top 10 Defences Project mailing list or view the archives, please visit the [http://lists.owasp.org/mailman/listinfo/TBA subscription page.]
+
 
+
== Articles ==
+
 
+
TBA
+
 
+
== ==
+
 
+
[[Category:TODO-Top10-Defenses|TODO: OWASP Top 10 Defenses Project]]
+
 
+
__NOTOC__
+

Latest revision as of 17:18, 4 August 2013

moved to https://www.owasp.org/index.php/Projects/OWASP_Proactive_Controls/Roadmap.