Difference between revisions of "OWASP Code Review Project Roadmap"

From OWASP
Jump to: navigation, search
 
Line 1: Line 1:
 
The project's overall goal is to...
 
The project's overall goal is to...
  
  Mission statement here
+
'''be a reference document for the purpose of performing code review. This project shall provide examples in the most common web application development languages (Java and C# .NET)'''
  
 
In the near term, we are focused on the following tactical goals...
 
In the near term, we are focused on the following tactical goals...
  
# one
+
#1 Looking at each attack type and examine the anti-pattern associated with the vulnerability which makes the attack possible. This shall include code examples to guide a reviewer on what to look for.
# two
+
 
# three
+
#2 Looking at the code review process, how it is managed and challanges one may encounter when performing code review in the "real world"
 +
 
 +
#3 Looking at the code review tools available and discussing the benefits and issues of using tools
  
 
Here are the current tasks defined to help us achieve these goals
 
Here are the current tasks defined to help us achieve these goals

Revision as of 05:21, 24 May 2006

The project's overall goal is to...

be a reference document for the purpose of performing code review. This project shall provide examples in the most common web application development languages (Java and C# .NET)

In the near term, we are focused on the following tactical goals...

  1. 1 Looking at each attack type and examine the anti-pattern associated with the vulnerability which makes the attack possible. This shall include code examples to guide a reviewer on what to look for.
  1. 2 Looking at the code review process, how it is managed and challanges one may encounter when performing code review in the "real world"
  1. 3 Looking at the code review tools available and discussing the benefits and issues of using tools

Here are the current tasks defined to help us achieve these goals

  • Gather existing presentations and email messages and pull ideas into OWASP
This article is a stub. You can help OWASP by expanding it or discussing it on its Talk page.