[Owasp-leaders] New major release of the OWASP Security Knowledge Framework project!

martin.knobloch at owasp.org martin.knobloch at owasp.org
Tue Jul 11 15:24:04 UTC 2017

Hi Glenn, Riccardo and rest of the team!

Congratulations, well done!


On Tuesday, July 11, 2017, Glenn Ten Cate wrote:
> Hello everyone,
> After lots of hard work we are finally thrilled to announce the new version
> of the
> Security knowledge framework! We collected all the feedback from the
> community and all
> it's users and used this feedback to build a better and faster version of
> the SKF!
> The new version consists out of a Python3.6 flask API and uses an Angular4
> frontend.
> Because of this the SKF is more scalable and faster than ever before! We
> redesigned the GUI
> for better smoother user experience and changed the way the projects are
> set up. As a result
> the pre and post development go seamlessly together and provide better
> workflows.
> We also added the option to leave audit trails and assign statuses to the
> security
> requirements per project and sprint provided by the framework. Now the
> developers and auditors
> have a clean nice overview of what has to be done and have the overal
> status of the project.
> If all that was not enough, our nice friends of TwelveSec in Greece donated
> all the JAVA secure
> code examples needed for them to be released finally as wel! Also we have 2
> students working hard
> on other secure code examples for example Ruby on Rails and Python that
> will be soon released!
> We proudly invite you all to come see our demo you can find @
> https://demo.securityknowledgeframework.org
> - username: admin
> - password: test-skf
> Remark: This demo environment will be reset every hour and pulls the latest
> master release from Github
> And more information here:
> https://www.owasp.org/index.php/OWASP_Security_Knowledge_Framework
> We are also an advocate of having a Secure Software Development Life Cycle,
> check our Travis
> results page to see how we have integrated this into our project. BTW all
> the services we use
> are free to use for Open-Source projects so use it for your own OWASP
> projects as well!
> We won't mention them because there are to many but please have a look at
> our Github to find al
> the tooling and services we use to keep the quality of the framework as
> high as possible and secure!
> Example of a CI & CA run
> https://travis-ci.org/blabla1337/skf-flask/jobs/252318598
> The source of the project and all the badges and services we use
> https://github.com/blabla1337/skf-flask
> Also if you have good contributions or bug reports please let us know and
> we can give you a nice goodie,
> all the help is more then welcome ^^
> Last but not least:
> Big THANK you to our contributors that helped us and made fixes or did
> reviews, without
> them we woulden't be where we are now!
> Kind regards,
> Security Knowledge Framework team

More information about the OWASP-Leaders mailing list