Project Information:template Orizon Project - Final Review - Self Evaluation - B

From OWASP
Revision as of 12:06, 12 November 2008 by Thesp0nge (Talk | contribs)

Jump to: navigation, search

Clik here to return to the previous page.

FINAL REVIEW
PART I

Project Deliveries & Objectives

OWASP Orizon Project's Deliveries & Objectives

QUESTIONS ANSWERS

1. At what extent have the project deliveries & objectives been accomplished? Having in consideration the assumed ones, please exemplify writing down those of them that haven't been realised.

The main goal of the Owasp Orizon project is to provide a set of APIs and a security check library to let people who want to write a static analyzer to use it as engine. In this perspective the goal has completely accomplished. The second and minor goal is to provide an embedded tool that uses Orizon APIs. Considering this, a lot of work needs to be done in having a release quality project.

In fact the goals that were not reached are:

  • having all Owasp Code Review Guide security checks in the embedded library
  • having the embedded tool a more usable GUI
  • having a complete documentation reference of the APIs
  • having a binary package for Win32 and UNIX/Linux architectures (Mac OS X Application is available at sourceforge).

2. At what extent have the project deliveries & objectives been accomplished? Having in consideration the assumed ones, please quantify in terms of percentage.

Project deliveries & objectives are accomplished about by the 90%

3. What kind of help is required either from the Reviewers or from the OWASP Community?

From Eoin, I need some brainstorming in dividing security flaws in categories and having them in the Code Review Guide (so we can match Orizon and the Guide). From the Owasp community I need, during the next season of (cleanup/consolidation/...):

  • developers :-)
  • testing
PART II

Assessment Criteria

OWASP Project Assessment Criteria

QUESTIONS ANSWERS

1. Having into consideration the OWASP Project Assessment Methodology which criteria, if any, haven’t been fulfilled in terms of Alpha Quality status?

None

2. Having into consideration the OWASP Project Assessment Methodology which criteria, if any, haven’t been fulfilled in terms of Beta Quality status?

The installer, but having in mind that Orizon is first an engine to be used in other applications an installer can be a less priority issue.

3. Having into consideration the OWASP Project Assessment Methodology which criteria, if any, haven’t been fulfilled in terms of Release Quality status?

The online documentation and a usable GUI for the embedded static analyzer provided with the engine.

4. What kind of help is required either from the Reviewers or from the OWASP Community?

From Eoin, I need some brainstorming in dividing security flaws in categories and having them in the Code Review Guide (so we can match Orizon and the Guide). From the Owasp community I need, during the next season of (cleanup/consolidation/...):

  • developers :-)
  • testing