[Owasp-leaders] OWASP Secure Configuration Guide

Alexander Antukh alexander.antukh at owasp.org
Thu Dec 4 19:34:59 UTC 2014

Hi, OWASP Leaders!
I'm Alexander Antukh, a new chapter leader of OWASP Russia.

I would like to present you a new project named OWASP Secure Configuration
Project, and would like to invite you to join it.

Description: "There are small unclassified parts of info of configuration
issues on OWASP currently; this project is to create unified document of
issues and solutions to avoid common misconfigurations in popular
frameworks, web servers, network devices and more" (

My main motivation was lack of one good and clear source of such
misconfigurations when auditing a new environment - last time I spent
several hours trying to find all the bottlenecks of a specific software.
Friends of mine, who are more defenders than attackers, also often
complained about correct security configuration of standard security
software they need to use and implement. I believe the project can be quite
useful for both of categories (auditors and "defenders") and, being updated
and expanded frequently, could become a valuable resource on the Internet.

Currently I'm looking for contributors, who could help in organization,
discussing and proposing new ideas, and calling in for volunteers among
corresponding OWASP Chapters. Deadline for the first stage is 12/14/2014.

Detailed planning, defining project contributors and reviewers team will be
sent to the respondents on 15th of December.

Join us!

Link to the project:
Wiki / ToC: https://www.owasp.org/index.php/Secure_Configuration_Guide

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20141204/fb400fbe/attachment.html>

More information about the OWASP-Leaders mailing list