OWASP Security RUP Plug-in and Java App Server Security Config Guides

The open web application security project is going to start two new projects in 2003 and we are looking for volunteers who can start work on material immediately. Both are documentation projects, but are somewhat different from current projects in flight or nearing release.

Security Plug-in to the RUP – The first will be a security plug-in to the Rational Unified Process. This project will gather best practices in process and technology and encapsulate them into a RUP plugin  with templates and other artifacts which will submitted to the RUP Exchange. This plugin will focus on Web Application and Web Services Security only. If you are interested in working on this project (which is likely to be sponsored in some fashion so the team can meet in person) and have experience of the RUP then please send us an email with a basic bio.

Java Application Server Security Configuration Guides – I have about 50% of an Apache Tomcat guide now completed and we are planning to release and maintain security config guides for Tomcat, WebLogic and WebSphere at some point next year. If you are interested in writing content for any of the platforms then again please drop us a line with a basic bio.

Thanks

Mark

PS Rumor has it a technology preview (alpha) of the WebScarab proxy will be out real real soon ;-) Received on Wed Nov 13 19:43:35 2002