{"_id":"554dd90c2432590d00bd5110","__v":4,"user":"553aa28b9a32920d0086714a","category":{"_id":"554dd8d10f31e40d0028e7a2","pages":["554dd90c2432590d00bd5110","554dd913be34a70d0003787c","554dd91cbe34a70d0003787e","554dd95cbe34a70d00037882","55545650b450630d00041d7b","5554565fa7de890d0003d51b","566c8b44cb3d040d00abae40","566c9bebcb3d040d00abae4f"],"project":"553aa3050074c80d00621c33","__v":8,"version":"553aa3050074c80d00621c36","sync":{"url":"","isSync":false},"reference":false,"createdAt":"2015-05-09T09:52:17.881Z","from_sync":false,"order":2,"slug":"features","title":"Features"},"project":"553aa3050074c80d00621c33","version":{"_id":"553aa3050074c80d00621c36","__v":6,"project":"553aa3050074c80d00621c33","createdAt":"2015-04-24T20:09:41.956Z","releaseDate":"2015-04-24T20:09:41.955Z","categories":["553aa3060074c80d00621c37","554dd8d10f31e40d0028e7a2","554ddd802432590d00bd511a","569784c469393517000c8315","569784ce3503e40d0061f40e","59685ebf456d69001568a933"],"is_deprecated":false,"is_hidden":false,"is_beta":false,"is_stable":true,"codename":"","version_clean":"1.0.0","version":"1.0"},"parentDoc":null,"updates":[],"next":{"pages":[],"description":""},"createdAt":"2015-05-09T09:53:16.225Z","link_external":false,"link_url":"","githubsync":"","sync_unique":"","hidden":false,"api":{"results":{"codes":[]},"settings":"","auth":"required","params":[],"url":""},"isReference":false,"order":0,"body":"Firstly.\n\nThe first step in using the security knowledge framework is adding a new project\nto the application. This can be achieved by means of clicking on the \"projects\" tab on the landing page. and selecting the \"new project\" from the menu.\n\n[block:image]\n{\n  \"images\": [\n    {\n      \"image\": [\n        \"https://files.readme.io/47ec4ef-Dashboard.png\",\n        \"Dashboard.png\",\n        2872,\n        1415,\n        \"#e6e6ef\"\n      ],\n      \"caption\": \"\"\n    }\n  ]\n}\n[/block]\nINTRO\n\nAfter clicking on the \"New project\" you will find a wizard that guides you to setting up a new project. This includes selecting the right ASVS level, setting up a project, setting up pre development settings and finally creating your very first sprint.\n[block:image]\n{\n  \"images\": [\n    {\n      \"image\": [\n        \"https://files.readme.io/a6fb929-project_new_intro.png\",\n        \"project_new_intro.png\",\n        2868,\n        1647,\n        \"#e2e3eb\"\n      ]\n    }\n  ]\n}\n[/block]\nHere in the intro as mentioned before we select our ASVS level by selecting a accordeon menu and hitting the \"select this level\" button!\n[block:image]\n{\n  \"images\": [\n    {\n      \"image\": [\n        \"https://files.readme.io/b3e8f4a-project_new_intro_2.png\",\n        \"project_new_intro_2.png\",\n        2293,\n        1058,\n        \"#535392\"\n      ]\n    }\n  ]\n}\n[/block]\nSTEP1.\n\nFill in some additional information for adding a new project. Since there is a strict input validation in place the application can sometimes generate warnings like: \"Not Acceptable\". This means it detected intrusted userinput and blocks the request.\n\nNOTE: Whenever the applications measures to much violations the user account will be blocked! you than have to clear your log files in order to gain access to the system again.\n[block:image]\n{\n  \"images\": [\n    {\n      \"image\": [\n        \"https://files.readme.io/6b95188-project_new_step_1.png\",\n        \"project_new_step_1.png\",\n        2871,\n        1648,\n        \"#4e4f67\"\n      ]\n    }\n  ]\n}\n[/block]\nSTEP 2.\n\nIn this step we can select some pre-development settings about the things like the architecture and design. These steps are crucial for narrowing down the scope of the ASVS and leaves your developers with les security controls to be concerned about.\n[block:image]\n{\n  \"images\": [\n    {\n      \"image\": []\n    }\n  ]\n}\n[/block]\n\n[block:image]\n{\n  \"images\": [\n    {\n      \"image\": [\n        \"https://files.readme.io/e8255ba-project_new_step_2.png\",\n        \"project_new_step_2.png\",\n        2316,\n        1131,\n        \"#ececef\"\n      ]\n    }\n  ]\n}\n[/block]\nSTEP 3\n\nAfter setting up the pre-development settings we can now start adding a new sprint. So, what type of functionality are we now building, and what techniques are we going to apply building it? This selection leaves you again with tailored ASVS security requirements.\n[block:image]\n{\n  \"images\": [\n    {\n      \"image\": [\n        \"https://files.readme.io/4e2bd84-project_new_step_3.png\",\n        \"project_new_step_3.png\",\n        2873,\n        1646,\n        \"#4e4e66\"\n      ]\n    }\n  ]\n}\n[/block]\nSTEP 4\n\nHere is where we actually start selecting the techniques used when building the functions in the first sprint! \n[block:image]\n{\n  \"images\": [\n    {\n      \"image\": [\n        \"https://files.readme.io/fc003a6-project_new_step_4.png\",\n        \"project_new_step_4.png\",\n        2879,\n        1651,\n        \"#4e4f67\"\n      ]\n    }\n  ]\n}\n[/block]\nFINAL\n\nYes, now we are done to start developing the new project! \n\nSecure, by design!\n[block:image]\n{\n  \"images\": [\n    {\n      \"image\": [\n        \"https://files.readme.io/8a60333-project_new_finish.png\",\n        \"project_new_finish.png\",\n        2876,\n        1651,\n        \"#4e5067\"\n      ]\n    }\n  ]\n}\n[/block]","excerpt":"What you need to know about creating projects","slug":"projects","type":"basic","title":"New project"}

New project

What you need to know about creating projects

Firstly. The first step in using the security knowledge framework is adding a new project to the application. This can be achieved by means of clicking on the "projects" tab on the landing page. and selecting the "new project" from the menu. [block:image] { "images": [ { "image": [ "https://files.readme.io/47ec4ef-Dashboard.png", "Dashboard.png", 2872, 1415, "#e6e6ef" ], "caption": "" } ] } [/block] INTRO After clicking on the "New project" you will find a wizard that guides you to setting up a new project. This includes selecting the right ASVS level, setting up a project, setting up pre development settings and finally creating your very first sprint. [block:image] { "images": [ { "image": [ "https://files.readme.io/a6fb929-project_new_intro.png", "project_new_intro.png", 2868, 1647, "#e2e3eb" ] } ] } [/block] Here in the intro as mentioned before we select our ASVS level by selecting a accordeon menu and hitting the "select this level" button! [block:image] { "images": [ { "image": [ "https://files.readme.io/b3e8f4a-project_new_intro_2.png", "project_new_intro_2.png", 2293, 1058, "#535392" ] } ] } [/block] STEP1. Fill in some additional information for adding a new project. Since there is a strict input validation in place the application can sometimes generate warnings like: "Not Acceptable". This means it detected intrusted userinput and blocks the request. NOTE: Whenever the applications measures to much violations the user account will be blocked! you than have to clear your log files in order to gain access to the system again. [block:image] { "images": [ { "image": [ "https://files.readme.io/6b95188-project_new_step_1.png", "project_new_step_1.png", 2871, 1648, "#4e4f67" ] } ] } [/block] STEP 2. In this step we can select some pre-development settings about the things like the architecture and design. These steps are crucial for narrowing down the scope of the ASVS and leaves your developers with les security controls to be concerned about. [block:image] { "images": [ { "image": [] } ] } [/block] [block:image] { "images": [ { "image": [ "https://files.readme.io/e8255ba-project_new_step_2.png", "project_new_step_2.png", 2316, 1131, "#ececef" ] } ] } [/block] STEP 3 After setting up the pre-development settings we can now start adding a new sprint. So, what type of functionality are we now building, and what techniques are we going to apply building it? This selection leaves you again with tailored ASVS security requirements. [block:image] { "images": [ { "image": [ "https://files.readme.io/4e2bd84-project_new_step_3.png", "project_new_step_3.png", 2873, 1646, "#4e4e66" ] } ] } [/block] STEP 4 Here is where we actually start selecting the techniques used when building the functions in the first sprint! [block:image] { "images": [ { "image": [ "https://files.readme.io/fc003a6-project_new_step_4.png", "project_new_step_4.png", 2879, 1651, "#4e4f67" ] } ] } [/block] FINAL Yes, now we are done to start developing the new project! Secure, by design! [block:image] { "images": [ { "image": [ "https://files.readme.io/8a60333-project_new_finish.png", "project_new_finish.png", 2876, 1651, "#4e5067" ] } ] } [/block]