Difference between revisions of "Category:OWASP Open Review Project"

(Project Goals)
Line 20: Line 20:
== People ==
== People ==
Project lead: [[User:Mario de Boer|Mario de Boer]].
Project lead: [[User:Njama|Mario de Boer]].
Contributors: None yet, any help more than appreciated.
Contributors: None yet, any help more than appreciated.
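Review bot: on the "Project lead" line the link target differs between the two revisions ([[User:Mario de Boer|Mario de Boer]] versus [[User:Njama|Mario de Boer]]) while the displayed name stays the same, and the "(Project Goals)" label shown above the diff does not mention the People section. A summary that names the link change would make this revision easier to audit, and it is worth confirming that User:Njama is the intended account for the project lead.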

Revision as of 13:34, 5 June 2008


We are surrounded by open source software: not only the open source software all of us use directly, but also the open source libraries contained in many commercial applications. It is in our routers, our cars, our phones, everywhere...

In the OWASP Open Review Project (ORPRO) we perform open reviews of open source projects. We focus on security, are independent, and use the excellent deliverables from other OWASP projects to achieve traceable assurance statements on the security of the code. Users, both end-users and organizations using open source in their products, may benefit from ORPRO’s results.

Project Goals

  • Independent security review of open source projects;
  • Centrally managed;
  • Independent statement on what is reviewed and by whom, resulting in a form of assurance that the software is free from security bugs;
  • Analysis not limited to code review, including digging into hard algorithms (compression, crypto, etc.);
  • Responsible disclosure of any security vulnerabilities discovered.


5 June 2008: OWASP ORPRO launched

Get involved

Security review takes both time and expertise. We need people who have good secure coding skills in C, C++, .NET, Java, PHP, etc., and who have the audacity to review some of the most popular open source projects around.

Please go to https://lists.owasp.org/mailman/listinfo/open-review-project to subscribe to the list. You can post to the ORPRO mailing list by emailing open-review-project@lists.owasp.org.


Project lead: Mario de Boer.

Contributors: None yet, any help more than appreciated.
