New Major release of SKF

The new major release of SKF is here!

We made some huge improvements to the SKF platform and it's better then ever:

Redesign of the SKF Angular component
Thanks to the Google Summer of Code and our Excellent student @AkashM398 we are proud to have this amazing new UI
https://owasp.org/www-community/initiatives/gsoc/gsoc2020ideas

• Full support of hosting SKF on a Kubernetes platform (yes even on a Raspberry Pi K8s stack)
• Deploy the security Labs from SKF or from Juice-shop directly from SKF platform and start hacking!
• By default we created Design patterns for the ASVS categories , for a lot of cases you don't need to go trough the Wizard anymore
• Light and Dark mode of the SKF application
• Tour explanation of the different pages and functionality
• Made SKF ready for OpenID integration
• ASVS Level 1 results have also the code/test examples on how to approach those requirements using SAST,DAST,SCA ...

And many more thing we have added, please have a look and give feedback of the good and the bad so we can take it in with the next release.

Want to see the current version, then go here and have fun:
https://beta.securityknowledgeframework.org
(admin / test-skf) or Skip login

Small bug fixes related to updating security controls

Fixed 2 bugs:

• Not able to update certain security controls in checklist due to not allowed character
• Max Length of the security controls content prevented updating

New SKF release for supporting K8s deployments + minor other improvements

New release of SKF

Included in the new version:

• K8s deployment
• Possible to configure remote DB for example Mysql for persistent data storage
• Abstraction layer for the new checklist you can add to SKF
• Added Code filtering on code tags and search field
• Added audit commenting of the security controls in the project results page
• Local Docker image fixes

The Stable and old SKF project release.

The Stable and old SKF project release.

Last release package of SKF EOL version

This version of SKF will be end of life and a new and better release of SKF will be available.
We thank you all for the feedback we got from you all about the SKF and used this to create a faster and better version of SKF.

This new version you will find in the main branch of this Github repo.

• Python 3.6 + 3.7
• Decoupled
• Angular 4
• Python API + Swagger ui
• SQLAlchemy
• Java code examples thanks to TwelveSec

And much more, check it out ^^

Minor release to fix the validation function in SKF

Turns out the validate function was to tight so it was not allowed to use a space in for example your project name and destroyed the user session. Now fixed :)

First Stable release of Security Knowledge Framework!

Proud to announce the stable release of the Security Knowledge Framework!

Fix for windows skf.db

The skf.db was missing....

Windows support + how to

This Alpha release makes it now possible to also run the Security Knowledge Framework on windows machine. See the Readme for the how to.

Alpha release!

Wooot the first Alpha release of the OWASP SKF!