Category:OWASP Source Code Review OWASP Projects Project
|Project Name||OWASP Source Code Review OWASP-Projects Project|
|Short Project Description||The objectives of this project are: 1. Develop and document a workflow for FLOSS projects to incorporate static analysis into the Software Development Life Cycle (SDLC); 2. Apply the above workflow as a required step for OWASP projects; 3. Aid in auditing select FLOSS projects to create a baseline for comparing security amongst FLOSS projects.|
|Project key Information||Project Leader
SoC's Project Leader
Creative Commons Attribution Share Alike 3.0
OWASP SoC 08
|Release Status||Main Links||Related Projects|
The OWASP Source Code Review integrates OWASP projects with the Fortify Open Review Process. Therefore, any open source project using this workflow must first be added as an OWASP project as illustrated in images/c/c2/Workflow_Draft1.pdf.
OWASP Projects Scanned
Non-OWASP projects scanned in MediaWiki, WordPress, and many others. See owasp.fortify.com for details.
We need OWASP project leaders to submit their projects for review. We will work with you to upload your project and review the findings, so that we can get each OWASP project to show zero defects.
Please go to https://lists.owasp.org/mailman/listinfo/owasp-scode-review-owasp-projects to subscribe to the list to contact us. You can post to the mailing list by emailing .
Project lead: James Walden
Contributors: Maureen Doyle, Grant Welch, Michael Whelan
Reviewers: Marco Morano, Alex Fry
This category currently contains no pages or media.