OWASP Security RUP Plug-in and Java App Server Security Config Guides

[Mark Curphey <mark () curphey com>]

The open web application security project is going 
to start two new projects in 2003 and we are looking 
for volunteers who can start work on material 
immediately. Both are documentation projects, but 
are somewhat different from current projects in 
flight or nearing release.

Security Plug-in to the RUP – The first will be a 
security plug-in to the Rational Unified Process.  
This project will gather best practices in process 
and technology and encapsulate them into a RUP plug-
in with templates and other artifacts which will 
submitted to the RUP Exchange. This plugin will 
focus on Web Application and Web Services Security 
only.  If you are interested in working on this 
project (which is likely to be sponsored in some 
fashion so the team can meet in person) and have 
experience of the RUP then please send us an email 
with a basic bio.

Java Application Server Security Configuration 
Guides – I have about 50% of an Apache Tomcat guide 
now completed and we are planning to release and 
maintain security config guides for Tomcat, WebLogic 
and WebSphere at some point next year. If you are 
interested in writing content for any of the 
platforms then again please drop us a line with a 
basic bio.

Thanks


Mark

PS Rumor has it a technology preview (alpha) of the 
WebScarab proxy will be out real real soon ;-)