e-Applications Security Project (eSP)
We need to dedicate ourselves to finding and combating the causes of insecure web applications. We can produce open, free, impartial documentation, tools and, more importantly, standards in support of that cause. Web Application Security is focused on all web-enabled projects. Our focus can be to raise web application security standards by building on the best practices of experienced web application development security professionals. We can devise our own approach to identifying and mitigating the risks that arise from vulnerabilities existing on the web.
The idea is to develop a strong base for fighting web application attacks. Market trends show companies spending huge amounts of money on web security. The initial phase can be developing Secure Coding Practices for at least the mainstream technologies (i.e., .NET, J2EE, PHP & Linux, etc.). The focus can then move to web platforms like Apache, Linux, IIS and databases. We can raise security awareness in web application development at every stage of the development life cycle. The next step can be preparing a Penetration Testing Guide and Checklists, which can help to develop more secure applications. Essentially, the aim is "Security should be baked into coding culture".
Web Application Security Consortium: http://www.webappsec.com
OWASP: http://www.owasp.org