Category:OWASP Application Security Requirements Project

= Application Security Requirements Project =

Overview
Clearly articulating project-agnostic application security requirements —both general and specific requirements — is the best way to ensure that software is developed under strong and workable security guidance


 * Project purpose: To assemble a useful base of generic security requirements that could be used in most applications.
 * Intended audience: Every person involved in application security, but especially for those responsible of sytem analysis and design.
 * Project products: Deliverables would be business-focused, developed for Business Analysts and Project Managers rather than software developers.

= About =

= Roadmap =

We are just re-starting the project after a couple of years without any progress. We need all the help we can get to make this a successful project

Short-term actions

 * 1) . Identify (map from other owasp projects) categorization and prioritize
 * 2) . Identify software development standards to document requirements
 * 3) . Define work plan
 * 4) . Define document's introduction (scope of the document, composition of the document)
 * 5) . Write first draft related to web applications
 * 6) . Review and adjust plan

Long-term actions

 * Write requirements for mobile applications
 * Write requirements for web services
 * Write requirements for mobile applications