Category:OWASP Code Review Project

De OWASP

This project has produced a book that can be downloaded or purchased.
Feel free to browse the full catalog of available OWASP books.

Main
Project About

OWASP Code Review Guide V2.0

Planned to be launched mid January 2011.

OWASP Code Review Guide Table of Contents

Summer of Code 2008

The Code review guide is proudly sponsored by the OWASP Summer of Code (SoC) 2008. For more information please see OWASP Summer of Code 2008.

Code Review Guide V1.1 Completed

The code review guide has been completed and is available here http://www.lulu.com/content/5678680 as a bound book.

Code review tool

The following link is for the new version of Code Crawler, code review tool which examines code for keywords discussed in the section "Crawling Code". It support Java and .NET code:

http://codecrawler.codeplex.com/Release/ProjectReleases.aspx

Owasp Orizon Code review engine

The Owasp Orizon Project is born in 2006 to provide a set of APIs to provide an opensource engine to provide static analysis services to developers that wants to build a code review tool.

The Owasp Orizon will evolve accordingly in order to implement security checks described in the Code Review Guide. With the framework a UI is also provided in order to give people a standalone tool to realize code review for the security flaws listed in the "The Owasp Code Review Top 9"

The Owasp Orizon main page is available here: Category:OWASP_Orizon_Project

Source code is hosted at Sourceforge.net site: http://orizon.sourceforge.net

Spring Of Code 2007

The Code review guide is proudly sponsored by the OWASP Spring of Code (SpOC) 2007. For more information please see Spring of Code 2007

Project Contributors

The OWASP Code Review project was conceived by Eoin Keary, the OWASP Ireland Founder and Chapter Lead. We are actively seeking individuals to add new sections as new web technologies emerge. If you are interested in volunteering for the project, or have a comment, question, or suggestion, please drop me a line mailto:eoin.keary@owasp.org

Join the Code Review Team

All of the OWASP Guides are living documents that will continue to change as the threat and security landscape changes.

We welcome everyone to join the Code Review Guide Project and help us make this document great. The best way to get started is to subscribe to the mailing list by following the link below. Please introduce yourself and ask to see if there is anything you can help with. We are always looking for new contributions. If there is a topic that you’d like to research and contribute, please let us know!

http://lists.owasp.org/mailman/listinfo/owasp-codereview

Roadmap

View the OWASP Code Review Project Roadmap

PROJECT INFO
What does this OWASP project offer you?

RELEASE(S) INFO
What releases are available for this project?

what	is this project?
Name: OWASP Code Review Project (home page)
Purpose: The code review guide is currently at release version 1.1 and the second best selling OWASP book in 2008. Many positive comments have been feedback regarding this initial version and believe it’s a key enabler for the OWASP fight against software insecurity. It has even inspired individuals to build tools based on its information. The combination of a book on secure code review and tools to support such an activity is very powerful as it gives the developer community a place to start regarding secure application development. Going forward I hope to further integrate with the ASVS and other guides such as the testing and ASDR guides shall be perfromed for version 2.0.
License: Creative Commons Attribution Share Alike 3.0
who	is working on this project?
Project Leader(s): Eoin Keary @
how	can you learn more?
Project Pamphlet: Not Yet Created
Project Presentation: View
Mailing list: Mailing List Archives
Project Roadmap: View
Main links: OWASP Code Review Guide's (Version 2.0) Approved Budget Code Review Guide Table of Contents OWASP Code Review Guide V1.1 - Word file OWASP Code Review Guide V1.1 - PDF file OWASP Code Review V1.1 Book Code Review Guide V1.1 - List of Contributors
Key Contacts
Contact Eoin Keary @ to contribute to this project Contact Eoin Keary @ to review or sponsor this project Contact the GPC to report a problem or concern about this project or to update information.

current release

Code Review Guide V2.0 - January 2011 - (no download available)
Release description: A release with major enhancements and other ideas is being developed. For further info please consult the release's roadmap.
Rating: Not Reviewed - Assessment Details

last reviewed release

Code Review Guide V1.1 - 4 January 2009 - (download)
Release description: This release is an expanded and improved version of the former OWASP Code Review Guide’s RC 2.0 version which contains the following additional and expanded chapters: Transactional Analysis, Threat Modelling and Analysis, Example reports and how to write one, Automated code review, Rich Internet Applications, The OWASP ESAPI, Code review Metrics, Integrating Code review with an existing SDLC.
Rating: Stable Release - Assessment Details

all releases
Code Review Guide V2.0 Code Review Guide V1.1

Artículos en la categoría "OWASP Code Review Project"

Las siguientes 67 páginas pertenecen a esta categoría, de un total de 67.

Top 10 2010

A

B

C

J

L

Logging issues

O

P

R

R cont.

S

T

X

XSS Attacks

Obtenido de "http://www.owasp.org/index.php/Category:OWASP_Code_Review_Project"

Category:OWASP Code Review Project

De OWASP

OWASP Code Review Guide V2.0

Contents

Summer of Code 2008

Code Review Guide V1.1 Completed

Code review tool

Owasp Orizon Code review engine

Spring Of Code 2007

Project Contributors

Join the Code Review Team

Roadmap

Artículos en la categoría "OWASP Code Review Project"

A

B

C

D

E

E cont.

F

H

I

J

L

O

P

R

R cont.

S

T

X

Vistas

Herramientas personales

Navegación

Reference

Language

Buscar

Herramientas