Difference between revisions of "Category:OWASP Orizon Project"

From OWASP
Jump to: navigation, search
 
(9 intermediate revisions by 3 users not shown)
Line 1: Line 1:
[[Category:OWASP Project]]
+
=Main=
[[Category:OWASP Tool]]
+
[[Category:OWASP Download]]
+
[[Category:OWASP Beta Quality Tool]]
+
  
{{ ProjectTabs |
+
<div style="width:100%;height:110px;border:0,margin:0;overflow: hidden;">[[File:Low activity.jpg|link=OWASP_Project_Archived_Projects#Archived_Projects]]</div>
Proj_About =  
+
 
 +
{| style="padding: 0;margin:0;margin-top:10px;text-align:left;" |-
 +
| valign="top"  style="border-right: 1px dotted gray;padding-right:25px;" |
 +
 
 +
==OWASP Orizon==
 +
 
 +
OWASP Orizon is...
 +
 
 +
==Introduction==
  
 
The quest for secure code is what all developers want to achieve (at least we hope so). Software must be reliable. Software must be strong. Software must be '''secure'''.
 
The quest for secure code is what all developers want to achieve (at least we hope so). Software must be reliable. Software must be strong. Software must be '''secure'''.
Line 19: Line 24:
 
The Orizon project, hosted by Sourceforge, is [http://orizon.sourceforge.net here].
 
The Orizon project, hosted by Sourceforge, is [http://orizon.sourceforge.net here].
  
====Goals====
+
 
Orizon's goal is to provide:
+
 
 +
==Description==
 +
 
 +
Owasp Orizon is a code review tool intended to be used from security specialist to perform white box assessment. Orizon exposes also a set of APIs that can be used within a security tool to provide code review services.
 +
 
 +
 
 +
==Licensing==
 +
OWASP XXX is free to use. It is licensed under the GNU General Public License version 3.0 (GPLv3).
 +
 
 +
 
 +
| valign="top"  style="padding-left:25px;width:200px;border-right: 1px dotted gray;padding-right:25px;" |
 +
 
 +
== What is Orizon? ==
 +
 
 +
OWASP Orizon  provides:
 +
 
 
* a tool a security specialist (or a developer with hackish state-of-mind) can use to perform code reviews
 
* a tool a security specialist (or a developer with hackish state-of-mind) can use to perform code reviews
 
* an engine a developer can embed in his application to provide code review services
 
* an engine a developer can embed in his application to provide code review services
  
One of OWASP's newly-created goals is to eat its own dog food and Orizon will contribute to this goal by utilizing the recommendations described in the [https://www.owasp.org/index.php/Category:OWASP_Code_Review_Project OWASP Code Review Guide].
 
  
====Discussion group====
 
A discussion group is available as well, in [http://www.linkedin.com/groups?gid=2055672 LinkedIN]. We can use this group to talk about Orizon, to promote it in the real world business of statica analysis, to request features, to submit bugs, to exchange some words with the developers and so on.
 
  
So, please join the [http://www.linkedin.com/groups?gid=2055672 group] and help us spreading the voice. Static analysis is fun... again.
+
== Presentation ==
  
====Join the project====
+
Link to presentation
Orizon wants you!
+
  
The model we follow is the OpenBSD one. Anyone will be free about sending opinions, criticism and patches. If an user will provide a good number of patches showing us he (or she) really wants to collaborate to the project, than he (or she) will be added to Owasp orizon core team.
 
  
If you are a skilled Java developer why don't you consider writing a bunch of code for Orizon? Or, consider joining the project for documentation, advertising, blog maintenance, etc.
 
  
We hope you find the OWASP Orizon Project useful. Please contribute to the project by volunteering for one of the tasks, or by sending your comments, questions, and suggestions to owasp-orizon@owasp.org.
 
  
To join the OWASP Orizon Project mailing list or view the archives, please visit the [http://lists.owasp.org/mailman/listinfo/owasp-orizon subscription page.]
+
== Project Leader ==
  
<!-- ==== Project Identification ====
+
Greg Disney-Leugers
{{:Project Information:template Orizon Project}} -->
+
  
==== Project Details ====
+
== Related Projects ==
{{:GPC Project Details/OWASP Orizon Project | OWASP Project Identification Tab}}
+
  
====Download====
+
* [[OWASP_CISO_Survey]]
  
The latest release is [https://sourceforge.net/projects/orizon/files/orizon-devel/v1.19/orizon_bin_1.19.tar.gz/download 1.19].
 
  
====The blog====
 
  
The Orizon blog is proudly hosted by Wordpress.com [http://owasporizon.wordpress.com here].
+
| valign="top"  style="padding-left:25px;width:200px;" |
  
|
+
== Quick Download ==
  
Proj_Documentation= Available online is an  [http://downloads.sourceforge.net/orizon/The_Owasp_Orizon_Project_Internals_v2.2.ppt?use_mirror=osdn Orizon presentation] given at  [http://www.owasp.org/index.php/OWASP_AppSec_Europe_2008_-_Belgium OWASP AppSec EU 2008] in Ghent, May 2008.
+
*http://sourceforge.net/projects/orizon/files/orizon-devel/v1.19/orizon_bin_1.19.tar.gz/download
 +
 
 +
 
 +
 
 +
== News and Events ==
 +
*February, 2014 - Greg Disney-Leugers adopted the OWASP Orizon project.
 +
*November 2009 - we started moving from current release to the next major bump (v2.0) that will happen next June 2010 during Owasp AppSEC conference in Stockholm.
 +
 
 +
 
 +
== In Print ==
 +
This project can be purchased as a print on demand book from Lulu.com
 +
 
 +
 
 +
==Classifications==
 +
 
 +
  {| width="200" cellpadding="2"
 +
  |-
 +
  | align="center" valign="top" width="50%" rowspan="2"| [[File:Owasp-incubator-trans-85.png|link=https://www.owasp.org/index.php/OWASP_Project_Stages#tab=Incubator_Projects]]
 +
  | align="center" valign="top" width="50%"| [[File:Owasp-builders-small.png|link=]] 
 +
  |-
 +
  | align="center" valign="top" width="50%"| [[File:Owasp-defenders-small.png|link=]]
 +
  |-
 +
  | colspan="2" align="center"  | [[File:Cc-button-y-sa-small.png|link=http://creativecommons.org/licenses/by-sa/3.0/]]
 +
  |-
 +
  | colspan="2" align="center"  | [[File:Project_Type_Files_TOOL.jpg|link=]]
 +
  |}
 +
 
 +
|}
 +
 
 +
=FAQs=
 +
 
 +
Available online is an  [http://downloads.sourceforge.net/orizon/The_Owasp_Orizon_Project_Internals_v2.2.ppt?use_mirror=osdn Orizon presentation] given at  [http://www.owasp.org/index.php/OWASP_AppSec_Europe_2008_-_Belgium OWASP AppSec EU 2008] in Ghent, May 2008.
  
 
  '''Owasp Orizon Internals @ Owasp AppSec NY 2008, New York 22-25th September 2008'''
 
  '''Owasp Orizon Internals @ Owasp AppSec NY 2008, New York 22-25th September 2008'''
Line 74: Line 114:
 
A slideshare space is available to for the presentations used in Owasp [http://www.slideshare.net/thesp0nge | conferences]
 
A slideshare space is available to for the presentations used in Owasp [http://www.slideshare.net/thesp0nge | conferences]
  
|
+
= Acknowledgements =
 +
==Volunteers==
 +
Orizon is developed by a worldwide team of volunteers. The primary contributors to date have been:
  
Proj_Mail =
+
* Paolo Perego - former project leader
November 2009 - we started moving from current release to the next major bump (v2.0) that will happen next June 2010 during Owasp AppSEC conference in Stockholm.
+
* Steven Evans
 +
* Andres Riancho
 +
* Dinis Cruz
 +
* Mike Duncan
 +
* prashant k v
 +
* Alessio Marziali
 +
* Jason Li
 +
* Nishi Kumar
  
In order to motivate collaboration and to keep track about project improvements, each month a slideshow showing the biggest updates will be published on the Net and over the blog, so anyone can figure it out how to help the project and we're doing for the community
+
==Others==
 +
* [https://www.owasp.org/index.php/OWASP_Summer_of_Code_2008 OWASP Summer of Code 2008]
  
|
+
= Road Map and Getting Involved =
 +
As of Orizon, the priorities are:
 +
* xxx
 +
* xxx
 +
* xxx
  
}}
+
Orizon wants you!
  
 +
The model we follow is the OpenBSD one. Anyone will be free about sending opinions, criticism and patches. If an user will provide a good number of patches showing us he (or she) really wants to collaborate to the project, than he (or she) will be added to Owasp orizon core team.
  
== Project creation ==
+
If you are a skilled Java developer why don't you consider writing a bunch of code for Orizon? Or, consider joining the project for documentation, advertising, blog maintenance, etc.
  
'''OWASP Orizon Project Created! - 09:24, 2 October 2006 (EDT)'''
+
We hope you find the OWASP Orizon Project useful. Please contribute to the project by volunteering for one of the tasks, or by sending your comments, questions, and suggestions.
  
The Open Web Application Security Project is proud to announce the OWASP Orizon Project!
 
  
 +
=Project About=
 +
{{:Project Information:template Orizon Project}} 
  
== Project sponsor ==
+
__NOTOC__ <headertabs />
  
[https://www.owasp.org/index.php/OWASP_Summer_of_Code_2008 OWASP Summer of Code 2008]
+
[[Category:OWASP Project]]  [[Category:OWASP_Builders]] [[Category:OWASP_Defenders]]  [[Category:OWASP_Document]]

Latest revision as of 20:05, 2 March 2015

[editar]

Low activity.jpg

OWASP Orizon

OWASP Orizon is...

Introduction

The quest for secure code is what all developers want to achieve (at least we hope so). Software must be reliable. Software must be strong. Software must be secure.

How secure does my software have to be? The correct answer is hard to find. But security is a problem that even a development team must consider.

Should skilled developers also be security gurus? Not necessarily, but it is important to provide security tools that will augment their development skills. And so our quest for secure code begins...

The OWASP Orizon project was created with the aim of providing a common ground for safe coding and code review methodologies to be applied to software. The project is approaching its first major release and it will be able to be used in a production environment in the near future.

Orizon must give thanks to Findbugs, the OWASP LAPSE Project, RATS, and Flawfinder for ideas and inspiration.

The Orizon project, hosted by Sourceforge, is here.


Description

Owasp Orizon is a code review tool intended to be used from security specialist to perform white box assessment. Orizon exposes also a set of APIs that can be used within a security tool to provide code review services.


Licensing

OWASP XXX is free to use. It is licensed under the GNU General Public License version 3.0 (GPLv3).


What is Orizon?

OWASP Orizon provides:

  • a tool a security specialist (or a developer with hackish state-of-mind) can use to perform code reviews
  • an engine a developer can embed in his application to provide code review services


Presentation

Link to presentation



Project Leader

Greg Disney-Leugers

Related Projects


Quick Download


News and Events

  • February, 2014 - Greg Disney-Leugers adopted the OWASP Orizon project.
  • November 2009 - we started moving from current release to the next major bump (v2.0) that will happen next June 2010 during Owasp AppSEC conference in Stockholm.


In Print

This project can be purchased as a print on demand book from Lulu.com


Classifications

Owasp-incubator-trans-85.png Owasp-builders-small.png
Owasp-defenders-small.png
Cc-button-y-sa-small.png
Project Type Files TOOL.jpg

Available online is an Orizon presentation given at OWASP AppSec EU 2008 in Ghent, May 2008.

Owasp Orizon Internals @ Owasp AppSec NY 2008, New York 22-25th September 2008

Orizon@AppSec NY 2008

Owasp Orizon Internals @ Owasp AppSec EU 2008, Ghent 21-22nd May 2008

Orizon@AppSec EU 2008

Owasp Orizon Internals @ Owasp Day Italy 2008, Rome 31st March 2008

Orizon@Owasp Day in Italy

OWASP Orizon Project @ SMAU eAcademy, Milan 4-7th October 2006

I will talk to SMAU eAcademy2006 next Saturday 7th October 2006 about code review and safe coding. Here you can find more information (for now, only in Italian). The last part of the speech will be about introducing the Orizon project and giving a development roadmap.

A slideshare space is available to for the presentations used in Owasp | conferences

Volunteers

Orizon is developed by a worldwide team of volunteers. The primary contributors to date have been:

  • Paolo Perego - former project leader
  • Steven Evans
  • Andres Riancho
  • Dinis Cruz
  • Mike Duncan
  • prashant k v
  • Alessio Marziali
  • Jason Li
  • Nishi Kumar

Others

As of Orizon, the priorities are:

  • xxx
  • xxx
  • xxx

Orizon wants you!

The model we follow is the OpenBSD one. Anyone will be free about sending opinions, criticism and patches. If an user will provide a good number of patches showing us he (or she) really wants to collaborate to the project, than he (or she) will be added to Owasp orizon core team.

If you are a skilled Java developer why don't you consider writing a bunch of code for Orizon? Or, consider joining the project for documentation, advertising, blog maintenance, etc.

We hope you find the OWASP Orizon Project useful. Please contribute to the project by volunteering for one of the tasks, or by sending your comments, questions, and suggestions.



PROJECT IDENTIFICATION
Project Name OWASP Orizon Project
Short Project Description This project born in 2006 in order to provide a framework to all Owasp projects developing code review services. The project is in a quite stable stage and it is usable for Java static code review and some dynamic tests against XSS. Owasp Orizon includes also APIs for code crawling, usable for code crawling tools.
Key Project Information Project Leader
Paolo Perego
Project Contributors
See here
Mailing list
Subscribe here
Use here

License
Creative Commons Attribution Share Alike 3.0

Project Type
Tool

Sponsor
OWASP SoC 08
Release Status Main Links Related Projects

Beta Quality
Please see here for complete information.

The Owasp OrizonProject in Power Point
Orizon Safe coding and beyond - Word File
Orizon 1.19 - The Latest Release
Orizon internal draft
Orizon site at sourceforge
Orizon blog

OWASP Code Review Guide


Pages in category "OWASP Orizon Project"

This category contains only the following page.