Difference between revisions of "Category:OWASProfiler Project"

From OWASP
Jump to: navigation, search
m (placeholder for the OWASProfiler)
m
 
(One intermediate revision by one user not shown)
Line 1: Line 1:
OWASProfiler will be an automated application profiling tool that can be used to assist with review scoping refinement. It will attempt to gauge the size and complexity of an application and utilize a standard ranking system specified in the Masters thesis '''"Metrics Standardization of Automated Application Profiling for Review Scoping Refinement"''' by Jeremy Ferragamo of Aspect Security (Academic Advisor: Goran Trajkovski).
+
'''OWASProfiler''' will be an automated application profiling tool that can be used to assist with review scoping refinement. It will attempt to gauge the size and complexity of an application and utilize a standard ranking system specified in the Masters thesis '''"Metrics Standardization of Automated Application Profiling for Review Scoping Refinement"''' by Jeremy Ferragamo of Aspect Security ([[http://www.towson.edu Towson University]] Academic Advisor: [[http://pages.towson.edu/gtrajkov/ Goran Trajkovski, PhD]].).
  
 
==Goals==
 
==Goals==
Line 5: Line 5:
  
 
== Overview ==
 
== Overview ==
A lack of standardized metrics for performing automated application profiling bares a direct correlation to frequently under-scoped review efforts. Although there are many dimensions to what constitutes an under-scoped effort for a particular institution or a particular type of review or maintenance effort, automated application profiling plays a crucial role in scoping. Independent of the resources available to that institution a robust and non-disputable understanding of what is involved could help deter both the misallocation and under-allocation of available resources and funding. It should also be mentioned that without a standardized approach for determining the size and complexity of an application, clients run the risk of project reviews being over-scoped resulting in excessive and unnecessary expenditures.
+
"A lack of standardized metrics for performing automated application profiling bares a direct correlation to frequently under-scoped review efforts. Although there are many dimensions to what constitutes an under-scoped effort for a particular institution or a particular type of review or maintenance effort, automated application profiling plays a crucial role in scoping. Independent of the resources available to that institution a robust and non-disputable understanding of what is involved could help deter both the misallocation and under-allocation of available resources and funding. It should also be mentioned that without a standardized approach for determining the size and complexity of an application, clients run the risk of project reviews being over-scoped resulting in excessive and unnecessary expenditures."
  
 
The framework specified in the thesis will be implemented and incremental updates will be provided as more languages and technologies are supported in the analysis process.
 
The framework specified in the thesis will be implemented and incremental updates will be provided as more languages and technologies are supported in the analysis process.
Line 11: Line 11:
 
== Project Contributors ==
 
== Project Contributors ==
 
The OWASProfiler project is run by Jeremy Ferragamo of Aspect Security, Inc. He can be contacted at '''jeremy DOT ferragamo AT aspectsecurity.com'''. There are no OWASProfiler distributions yet, but they will be maintained on [[http://www.sourceforge.net SourceForge]]. When completed, the OWASProfiler framework will make it extremely easy to support additional languages.
 
The OWASProfiler project is run by Jeremy Ferragamo of Aspect Security, Inc. He can be contacted at '''jeremy DOT ferragamo AT aspectsecurity.com'''. There are no OWASProfiler distributions yet, but they will be maintained on [[http://www.sourceforge.net SourceForge]]. When completed, the OWASProfiler framework will make it extremely easy to support additional languages.
 +
 +
==Timeline==
 +
'''August 2007:''' Projected completion date of Master's thesis with specification of the intended framework.
 +
 +
'''December 2007:''' Projected completion date of framework and initially supported language (Java).

Latest revision as of 14:24, 26 March 2007

OWASProfiler will be an automated application profiling tool that can be used to assist with review scoping refinement. It will attempt to gauge the size and complexity of an application and utilize a standard ranking system specified in the Masters thesis "Metrics Standardization of Automated Application Profiling for Review Scoping Refinement" by Jeremy Ferragamo of Aspect Security ([Towson University] Academic Advisor: [Goran Trajkovski, PhD].).

Contents

Goals

Provide a tool that can be used as an industry standard for gauging the size and complexity of applications based on a specified ranking system.

Overview

"A lack of standardized metrics for performing automated application profiling bares a direct correlation to frequently under-scoped review efforts. Although there are many dimensions to what constitutes an under-scoped effort for a particular institution or a particular type of review or maintenance effort, automated application profiling plays a crucial role in scoping. Independent of the resources available to that institution a robust and non-disputable understanding of what is involved could help deter both the misallocation and under-allocation of available resources and funding. It should also be mentioned that without a standardized approach for determining the size and complexity of an application, clients run the risk of project reviews being over-scoped resulting in excessive and unnecessary expenditures."

The framework specified in the thesis will be implemented and incremental updates will be provided as more languages and technologies are supported in the analysis process.

Project Contributors

The OWASProfiler project is run by Jeremy Ferragamo of Aspect Security, Inc. He can be contacted at jeremy DOT ferragamo AT aspectsecurity.com. There are no OWASProfiler distributions yet, but they will be maintained on [SourceForge]. When completed, the OWASProfiler framework will make it extremely easy to support additional languages.

Timeline

August 2007: Projected completion date of Master's thesis with specification of the intended framework.

December 2007: Projected completion date of framework and initially supported language (Java).

This category currently contains no pages or media.