AppSecEU08 The OWASP ORIZON project

From OWASP
Jump to: navigation, search

The speech

The Owasp Orizon project is born in 2006 to provide an opensource APIs for anyone involved in writing code review tools.

The project is comprised from several part each devoted to a particular source code assessment:

  • jericho engine is a set of APIs to perform static code review
  • dawn engine is a set of APIs to perform dynamic code review
  • crawler engine is a set of APIs to perform source code crawling as described in Owasp Code review Guide

During the speech the Owasp Orizon internals will be descrived, with a lot of information about the three engines and the method calls they provide. The speech key value will be the announce of a major innovation introduced from the 0.90 engine release.

The speaker

Paolo Perego is a senior security consultant for Spike Reply S.r.l. where he performs ethical hacking, code review and SSDLC design activities.

He leads Owasp Orizon project and he is very active in both Owasp Italy than Owasp Code review project.