[OWASP-GUIDE] OWASP Guide v2 - Request for Authors: "Designing Web Application Security"

Adrian Wiesmann awiesmann at swordlord.org
Mon Aug 9 15:44:16 EDT 2004


Now that the first two chapters move along nicely, I am looking for
authors which are interested in contributing articles for the version 2 of
the OWASP Guide for the chapter: 

"Designing Web Application Security". 

Among the planned articles are these:

- "A typical project lifecycle": A Chapter that outlines a suggested
project lifecycle from designing upfront, to performing testing throughout
the lifecycle etc

- "Designing with Security in Mind": A basic section about how to include
security at the design stage, ensure you understand the applications
requirements, consider other design processes like RUP etc

- "Design Principles": 10 to 12 basic design principles such as validate
server-side, connection pooling, fail closed etc.

- "Threat Modeling": How to create a threat model and how to use common
threat models for web applications.

If you are interested in writing an article about one of these subjects,
please drop me a note directly to my address. (Please do not answer to the
maillist for not flooding the others.)


More information about the Owasp-guide mailing list