OWASP Code Review Project Roadmap

Revision as of 05:21, 24 May 2006 by Eoin (Talk | contribs)

Jump to: navigation, search

The project's overall goal is to...

be a reference document for the purpose of performing code review. This project shall provide examples in the most common web application development languages (Java and C# .NET)

In the near term, we are focused on the following tactical goals...

  1. 1 Looking at each attack type and examine the anti-pattern associated with the vulnerability which makes the attack possible. This shall include code examples to guide a reviewer on what to look for.
  1. 2 Looking at the code review process, how it is managed and challanges one may encounter when performing code review in the "real world"
  1. 3 Looking at the code review tools available and discussing the benefits and issues of using tools

Here are the current tasks defined to help us achieve these goals

  • Gather existing presentations and email messages and pull ideas into OWASP
This article is a stub. You can help OWASP by expanding it or discussing it on its Talk page.