Vandana Verma

Security Leader

OWASP Spotlight - Project 7 - Security Knowledge Framework

Hi Everyone.

We are back again with another spotlight series project and today we have OWASP Security Knowledge Framework (SKF) with us. I feel that this is one project, which is so much relevant and this is required in any organization for training the developers, security researchers, for getting the requirements and whatnot.

The security framework wants to help developers & empower them, to be able to give them the right awareness and knowledge to build secure applications by design. For the API, the front end of SPF, everything is ready and be able to also deploy in Kubernetes platforms.

For the people who don’t know SPF, it is an application that you can run and where you have all the information to security related and security development, security verification. It’s all in one place, right, with all the best of us projects, as you can imagine.

SKF has: *Knowledge Base items to help you understand more. *Checklist - These are all categories from the ASP s that we have over here. *Security requirements where you see for the category one of the SPS all the different security requirements that you should think of an implement when you’re dealing with it right *Labs: to test the actual vulnerabilities

In SPF, we have that flexibility also build your own checklist or modify like the as we, as that is already in there. It’s a framework so we can modify or adapted as we want.

Team is really trying to help the developers to know how to secure program. But also empower them to do a part of the verification themselves right. We can simply go to the SPF URL and start doing the labs also. Easy starting points is to get in and really help to contribute to the project.

With this information, we can really let the developers shine, let them build really cool secure applications by design in a very structured manner.

About the Project



Contributing to OWASP-SKF -