[Owasp-leaders] Web Service Cheaters!

Jim Manico jim.manico at owasp.org
Sun Oct 9 18:51:31 EDT 2011


Internet cheat sheet?

Sure, could you send me an outline first please?

Thank you! :)
- Jim
> Oh Jim, I'll help with the spring and struts ones?
> Do we need an Internet cheat sheet? (think about that before responding :)
>
>
>
>
>  
>
> On 9 Oct 2011, at 23:36, Jim Manico <jim.manico at owasp.org> wrote:
>
>> Eoin,
>>
>> Regarding...
>>
>> https://www.owasp.org/index.php/Web_Service_Security_Cheat_Sheet
>>
>> ... this guide is just a high level cheat to help understand the problem of web service security from a high level, quickly.
>>
>> We also need more prescriptive cheat sheets such as ...
>>
>> OWASP WS-* Cheatsheet...
>> SOAP Cheatsheet
>> REST Cheatsheet
>>
>> ... and even more framework specific, like Melton suggests ...
>>
>> OWASP Java Axis 2 Cheatsheet
>> Spring Rest Cheatsheet
>> PHP Soap Cheatsheet
>>
>> and so on. And I would think we will see more code samples like you suggest in these lower level cheat sheets.
>>
>> But by all means, we could really use the communities help, especially you, Eoin. :) Please jump in and help us make ...
>>
>> https://www.owasp.org/index.php/Web_Service_Security_Cheat_Sheet
>>
>> ... better of a cheat! :)
>>
>> Cheers,
>> - Jim
>>
>>> It seems very high level to me.
>>> Not too many answers for developers on "how" to do something. But rather on "what".
>>> Should content on WS have some detail such as what is in the (old) code review guide?
>>> https://www.owasp.org/index.php/Reviewing_Web_Services
>>>
>>>
>>> Ek
>>>
>>> Sent from my iPad
>>>
>>> On 7 Oct 2011, at 04:52, Jim Manico<jim.manico at owasp.org>  wrote:
>>>
>>>> Hello Leaders,
>>>>
>>>> We just pushed our first version of the Web Service Security cheat sheet here:
>>>>
>>>> https://www.owasp.org/index.php/Web_Service_Security_Cheat_Sheet
>>>>
>>>> Thanks to Gunnar Peterson for getting us started, to Sherif Koussa for driving it home, and for that many others who helped provide content and suggestions.
>>>>
>>>> I would be very grateful if the web service security experts in our community would take a peek (its a fast read) and provide comments.
>>>>
>>>> Thanks all,
>>>>
>>>> -- 
>>>> Jim Manico
>>>>
>>>> Connections Committee Chair
>>>> Cheatsheet Series Product Manager
>>>> OWASP Podcast Producer/Host
>>>>
>>>> jim at owasp.org
>>>> www.owasp.org
>>>> _______________________________________________
>>>> OWASP-Leaders mailing list
>>>> OWASP-Leaders at lists.owasp.org
>>>> https://lists.owasp.org/mailman/listinfo/owasp-leaders


-- 
Jim Manico

Connections Committee Chair
Cheatsheet Series Product Manager
OWASP Podcast Producer/Host

jim at owasp.org
www.owasp.org



More information about the OWASP-Leaders mailing list