Now Online OWASP Guide to Building Secure Web Applications

[The Owasp Project <owasp () owasp org>]

We are pleased to announce that the first release of 
the Open Web Application Security Project “Guide to 
Building Secure Web Applications” is now online in 
both pdf (1.67Mb) and HTML. 

The Guide covers various web application security 
topics from architecture to preventing attack 
specifics like cross site scripting, cookie 
poisoning and SQL injection. Its 80 pages of pure 
web application security and no vendor marketing in 
sight! The document is released under the GNU 
documentation license and was a community volunteer 
effort. Big kudos to all those involved.

You can download the Guide from the front page at 
http://www.owasp.org

This is just one of several projects underway 
including an open source web application scanner 
called WebScarab (due end of the year), a set of 
generic API’s called Filters to allow developers to 
easily protect their applications from malicious 
input / output such as XSS (due in next 3 months) 
and a formal testing methodology. Future projects 
include an intentionally buggy application for 
testing and learning, called WebMaven.

Oh, and did we mention its all open source and free !

If you like the work, want to contribute or have 
suggestions for improvements, please drop us a mail. 
owasp () owasp org

The Open Web Application Security Project

http://www.owasp.org