Difference between revisions of "Project Information:template Securing WebGoat using ModSecurity - Final Review - Second Reviewer - F"

From OWASP
Jump to: navigation, search
 
Line 21: Line 21:
 
  | style="width:25%; background:#7B8ABD" align="center"|  
 
  | style="width:25%; background:#7B8ABD" align="center"|  
 
2. At what extent have the project deliveries & objectives been accomplished?  Having in consideration [[OWASP Summer of Code 2008 Applications#Securing WebGoat using ModSecurity|'''the assumed ones''']], please quantify in terms of percentage.
 
2. At what extent have the project deliveries & objectives been accomplished?  Having in consideration [[OWASP Summer of Code 2008 Applications#Securing WebGoat using ModSecurity|'''the assumed ones''']], please quantify in terms of percentage.
  | colspan="2" style="width:75%; background:#cccccc" align="left"| 100%, yet considering the beta quality it is not 100% white. However, as long as webgoat is beta and certain important aspects of ModSecurity are considered experimental, there is no way you can be better than beta.
+
  | colspan="2" style="width:75%; background:#cccccc" align="left"| 85%, which is not quite 90%. However, as long as webgoat is beta and certain important aspects of ModSecurity are considered experimental, this is already very much. I believe the developer was not aware of how dynamic Webgoat still was. And the he only discovered the need to use of experimental features in ModSecurity during the project. This used a lot of time.
 
  |-  
 
  |-  
 
  | style="width:25%; background:#7B8ABD" align="center"|
 
  | style="width:25%; background:#7B8ABD" align="center"|

Latest revision as of 16:46, 27 October 2008

Clik here to return to the previous page.

FINAL REVIEW
PART I

Project Deliveries & Objectives

OWASP Securing WebGoat using ModSecurity Project's Deliveries & Objectives

QUESTIONS ANSWERS

1. At what extent have the project deliveries & objectives been accomplished? Having in consideration the assumed ones, please exemplify writing down those of them that haven't been realised.

The project deliveries & objectives have been accomplished, despite a very ambitious goal and certain knowledge gab in the start phase of the project. Stephen coped with this very well.

2. At what extent have the project deliveries & objectives been accomplished? Having in consideration the assumed ones, please quantify in terms of percentage.

85%, which is not quite 90%. However, as long as webgoat is beta and certain important aspects of ModSecurity are considered experimental, this is already very much. I believe the developer was not aware of how dynamic Webgoat still was. And the he only discovered the need to use of experimental features in ModSecurity during the project. This used a lot of time.

3. Please do use the right hand side column to provide advice and make work suggestions.

No further advice and suggestions needed.
PART II

Assessment Criteria

OWASP Project Assessment Criteria

QUESTIONS ANSWERS

1. Having into consideration the OWASP Project Assessment Methodology which criteria, if any, haven’t been fulfilled in terms of Alpha Quality status?

All criteria in terms of Alpha Quality fulfilled.

2. Having into consideration the OWASP Project Assessment Methodology which criteria, if any, haven’t been fulfilled in terms of Beta Quality status?

It is close to this stage. More interlinking should be done though. For example a link on the webgoat page (in the category section for example) would be helpful for finding the project.

3. Having into consideration the OWASP Project Assessment Methodology which criteria, if any, haven’t been fulfilled in terms of Release Quality status?

does not apply (yet)

4. Please do use the right hand side column to provide advice and make work suggestions.