[OWASP-GUIDE] OWASP 2.0 v3
Andrew van der Stock
vanderaj at greebo.net
Thu Feb 3 07:20:31 EST 2005
You can download the latest version of the Guide here:
Word version, 649 kB
PDF version, 1086 kB
I would use SourceForge, but my SF account does not work with CVS on the
OWASP project (and only that project - all my other SF projects work fine
with CVS), and as such I can't checkout or check in any files. :( Oh well.
The structure has settled nicely, but there is some work to do. You will see
nearly finished chapters like Authentication (marked in green in the TOC)
which are just about right. The rest still need aligning with the Top 10
headings, and obviously, for some chapters like Injection, there is a lot of
work to be done there. Chapters with yellow TOC heading 1 entries are in
need of a bit of new content or just editing, and as such are almost done.
Chapters in red need a lot of work to complete. Some chapters are still
missing some headings. For example, Privacy does not yet have all headings.
If you think there's a missing heading, feel free to add it.
For authentication, you can see I've not only made the each section shorter,
there are more controls, many with completely new text. So although the word
count is up*, there's a lot more useful concise guidance. When it comes time
for an editing pass, I'll be looking for that concise feel.
Most chapters require a bit of work to finish - look for TODO in the text
and in comments. If you feel up to it, adopt a chapter and finish it.
As this is a collaborative project, I'll be more than happy if people want
to take on a chapter to complete, but please let the list know you're doing
it so there's no duplication of effort.
* We've now cracked 50,900 words, up from 40,000 last week FDL and SAML
chapters are back!
More information about the Owasp-guide