[WEB SECURITY] Next Release of the Secure Web Application Framework Manifesto

Rohit Sethi rklists at gmail.com
Thu May 6 11:51:59 EDT 2010


---------- Forwarded message ----------
From: Rohit Sethi <rklists at gmail.com>
Date: Thu, May 6, 2010 at 11:49 AM
Subject: Next Release of the Secure Web Application Framework Manifesto
To: SC-L at securecoding.org


Hi all, we've released version 0.08 of the Secure Web Application
Framework Manifesto at http://labs.securitycompass.com

This is 2nd public release of the document. Our goal is to provide a
list of requirements so that web application frameworks offer more
security out of the box. Our next step will be to move this over to an
OWASP project, and then to solicit participation from framework
developers. If anyone participates in or knows of the developers of
the Django or Lift web app frameworks please let me know. As always,
we look forward to any suggestions you have.

We had a lot of feedback on additional requirements from our previous
release. We took the approach of actually reducing the total number of
requirements in this release so that we have a greater chance of
achieving success with the frameworks. We plan on adding to the
requirements in future years.

Thanks,

--
Rohit Sethi
Security Compass
http://www.securitycompass.com
twitter: rksethi



-- 
Rohit Sethi
Security Compass
http://www.securitycompass.com
twitter: rksethi

----------------------------------------------------------------------------
Join us on IRC: irc.freenode.net #webappsec

Have a question? Search The Web Security Mailing List Archives: 
http://www.webappsec.org/lists/websecurity/archive/

Subscribe via RSS: 
http://www.webappsec.org/rss/websecurity.rss [RSS Feed]

Join WASC on LinkedIn
http://www.linkedin.com/e/gis/83336/4B20E4374DBA



More information about the websecurity mailing list