[Owasp-leaders] New major release of the OWASP Security Knowledge Framework project!

Glenn Ten Cate glenn.ten.cate at owasp.org
Tue Jul 11 09:37:47 UTC 2017


Hello everyone,

After lots of hard work we are finally thrilled to announce the new version
of the
Security knowledge framework! We collected all the feedback from the
community and all
it's users and used this feedback to build a better and faster version of
the SKF!

The new version consists out of a Python3.6 flask API and uses an Angular4
frontend.
Because of this the SKF is more scalable and faster than ever before! We
redesigned the GUI
for better smoother user experience and changed the way the projects are
set up. As a result
the pre and post development go seamlessly together and provide better
workflows.

We also added the option to leave audit trails and assign statuses to the
security
requirements per project and sprint provided by the framework. Now the
developers and auditors
have a clean nice overview of what has to be done and have the overal
status of the project.

If all that was not enough, our nice friends of TwelveSec in Greece donated
all the JAVA secure
code examples needed for them to be released finally as wel! Also we have 2
students working hard
on other secure code examples for example Ruby on Rails and Python that
will be soon released!

We proudly invite you all to come see our demo you can find @
https://demo.securityknowledgeframework.org

- username: admin
- password: test-skf

Remark: This demo environment will be reset every hour and pulls the latest
master release from Github

And more information here:
https://www.owasp.org/index.php/OWASP_Security_Knowledge_Framework

We are also an advocate of having a Secure Software Development Life Cycle,
check our Travis
results page to see how we have integrated this into our project. BTW all
the services we use
are free to use for Open-Source projects so use it for your own OWASP
projects as well!
We won't mention them because there are to many but please have a look at
our Github to find al
the tooling and services we use to keep the quality of the framework as
high as possible and secure!

Example of a CI & CA run
https://travis-ci.org/blabla1337/skf-flask/jobs/252318598

The source of the project and all the badges and services we use
https://github.com/blabla1337/skf-flask

Also if you have good contributions or bug reports please let us know and
we can give you a nice goodie,
all the help is more then welcome ^^

Last but not least:
Big THANK you to our contributors that helped us and made fixes or did
reviews, without
them we woulden't be where we are now!

Kind regards,
Security Knowledge Framework team
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20170711/abf6175c/attachment.html>


More information about the OWASP-Leaders mailing list