OWASP Cheat Sheets are a concise collection of high-value information on various security topics. Created by application security professionals with hands-on experience, OWASP Cheat Sheets provide security guidance in an easy-to-read format.
The purpose of this Working Session is to revise and improve the existing OWASP Cheat Sheets.
- Bring together Cheat Sheets creators and users
- Workshop ideas:
- Working Sessions on improving existing Cheat Sheets, debating finer details of their content, and creating new ones
- Work on an updated version of the Cheat sheets book https://www.owasp.org/images/9/9a/OWASP_Cheatsheets_Book.pdf (maybe adding it to Leanpub and Amazon)
- Plan next steps and what should be worked on next (after the Summit)
- Question: What would be a realistic deliverable for the Summit?
This Working Session will draft and publish a set of revised OWASP Cheat Sheets.
The target audience for this Working Session is:
- Security professionals
- Software developers
- Application architects
- DBAs/DB experts
- Web developers
The last afternoon session on the 13th June for Cheat Sheets has decided that we need to deliver a number of FAQs and functional requirements to ensure better participation and clarity around the process.
The proposed topics are: • How to create a new one? • How to modify? • How to get consensus for publication? • How to move from draft to final? • What is a valid cheat sheet topic? • When to retire or remove one (currency test)?
Functional requirements: • Last edit date on the Wiki • Last review date on the Wiki • Status label • Clear status label on template • Standardisation of tagging for SEO ranking and searching.
Related Working Session(s)
- Identity and Access Management for REST APIs - REST Security Cheat Sheet
- Threat Modeling Cheat Sheet & Lightweight Threat Modeling (Part II)
- Threat Modeling OWASP Pages
Back to list of all Working Sessions and Tracks
Edit this page here