The Owasp Orizon Framework

From OWASP
Revision as of 16:20, 2 September 2008 by Thesp0nge (Talk | contribs)

Jump to: navigation, search

OWASP Code Review Guide Table of Contents

A lot of open source projects exist in the wild performing static code review analysis. This is good, it means that source code testing for security issues is becoming a constraint.

Such tools bring a lot of valuable points:

  • community support
  • source code freely available to anyone
  • costs

On the other side, these tools don't share the most valuable point among them: the security knowledge. All these tools have their own security library with a lot of checks contained into without sharing such knowledge.

In 2006 Owasp Orizon project is born to provide a common underlying layer to all opensource projects concern static analysis.