Wednesday, February 10, 2010

OWASP Development Guide Project

News Release/Call For Contributors
The Guide is a manual for designing, developing, and deploying secure web applications
OWASP Development Guide Project
MCLEAN
February 10, 2010

MCLEAN, Feb. 10 OWASP Development Guide Project -- After many months of planning and preparation, the OWASP Development Guide project announced today that it is ready to begin work on the next revision of the Guide, and that that the project is looking for volunteers to do the work, both individuals and organizations.

The OWASP Development Guide is aimed at architects, developers, consultants and auditors and is a comprehensive manual for designing, developing and deploying secure web applications. The original OWASP Development Guide has become a staple diet for many web security professionals. Since 2002, the initial version was downloaded over 2 million times. Today, the Development Guide is referenced by many leading government, financial, and corporate standards and is the Gold standard for Web Application and Web Service security.

The next version of the OWASP Development Guide will be in effect the detailed design guide for the requirements of the OWASP Application Security Verification Standard (ASVS), which can be found here: http://www.owasp.org/index.php/ASVS. Key features of the next Guide will include use of the new OWASP common numbering scheme. The new numbering scheme will be common across OWASP Guides and References, more information can be found here: http://www.owasp.org/index.php/Common_OWASP_Numbering. Additional key features will be the inclusion of worksheets and checklists, such as the sample input validation worksheet which can be found here: http://code.google.com/p/owasp-development-guide/wiki/WebAppSecDesignGuide_D5_2_1_1

For more information, and for more information if you are interested in volunteering, please see: http://owasp-development-guide.googlecode.com/files/development-guide-contributing.pdf Please forward this email as you think appropriate. Got buddies and want to work on a section or two as a team? Professional project management will be a key feature of the next release of the Guide and can help to facilitate such arrangements. Here is what the work streams will look like: http://owasp-development-guide.googlecode.com/files/guide-org-chart.pdf. And, the Guide project is always on the lookout for volunteers. If you think you might have availability in the future, please do reach out at that time.

For more information, email the OWASP Development Guide project manager Mike Boberski at mike.boberski@owasp.org.

No comments: