Secure Coding mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Next Release of the Secure Web Application Framework Manifesto

From: Rohit Sethi <rklists () gmail com>
Date: Mon, 11 Oct 2010 17:44:39 -0400
Hi all, we wanted to let you know that the manifesto is now an
official an OWASP project:
http://www.owasp.org/index.php/OWASP_Secure_Web_Application_Framework_Manifesto#tab=Project_About

We're looking for people to help review as well as spread the word
about the project. In particular, we're looking for people who want to
help implement some of the requirements in Django or a spin-off
thereof.

Thanks,

Rohit

On Thu, May 6, 2010 at 11:49 AM, Rohit Sethi <rklists () gmail com> wrote:

Hi all, we've released version 0.08 of the Secure Web Application
Framework Manifesto at http://labs.securitycompass.com

This is 2nd public release of the document. Our goal is to provide a
list of requirements so that web application frameworks offer more
security out of the box. Our next step will be to move this over to an
OWASP project, and then to solicit participation from framework
developers. If anyone participates in or knows of the developers of
the Django or Lift web app frameworks please let me know. As always,
we look forward to any suggestions you have.

We had a lot of feedback on additional requirements from our previous
release. We took the approach of actually reducing the total number of
requirements in this release so that we have a greater chance of
achieving success with the frameworks. We plan on adding to the
requirements in future years.

Thanks,

--
Rohit Sethi
Security Compass
http://www.securitycompass.com
twitter: rksethi





-- 
Rohit Sethi
Security Compass
http://www.securitycompass.com
twitter: rksethi
_______________________________________________
Secure Coding mailing list (SC-L) SC-L () securecoding org
List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l
List charter available at - http://www.securecoding.org/list/charter.php
SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com)
as a free, non-commercial service to the software security community.
Follow KRvW Associates on Twitter at: http://twitter.com/KRvW_Associates
_______________________________________________
Previous By Date Next
Previous By Thread Next

Current thread: