OWASP - User contributions [en]

Project Information:template Ruby on Rails Security Guide V2 - Final Review - Second Reviewer - F

2008-11-23T15:30:01Z

Stevejones:

[[Project Information:template Ruby on Rails Security Guide V2|Clik here to return to the previous page]].

{| style="width:100%" border="0" align="center"
! colspan="3" align="center" style="background:#4058A0; color:white"|'''FINAL REVIEW'''
|-
| style="width:25%; background:white" align="center"|'''PART I'''
| colspan="2" style="width:75%; background:white" align="left"|
|-
| style="width:25%; background:#7B8ABD" align="center"|
Project Deliveries & Objectives
| colspan="2" style="width:75%; background:#cccccc" align="left"|
[[OWASP Summer of Code 2008 Applications#The Ruby on Rails Security Guide v2|OWASP The Ruby on Rails Security Guide V2 Project's Deliveries & Objectives]]
|-
| style="width:25%; background:#4058A0" align="center"|'''QUESTIONS'''
| colspan="2" style="width:75%; background:#4058A0" align="left"|'''ANSWERS'''
|-
| style="width:25%; background:#7B8ABD" align="center"|
1. At what extent have the project deliveries & objectives been accomplished? Having in consideration [[OWASP Summer of Code 2008 Applications#The Ruby on Rails Security Guide v2|'''the assumed ones''']], please exemplify writing down those of them that haven't been realised.
| colspan="2" style="width:75%; background:#cccccc" align="left"|The project deliveries & objectives have been accomplished.
|-
| style="width:25%; background:#7B8ABD" align="center"|
2. At what extent have the project deliveries & objectives been accomplished? Having in consideration [[OWASP Summer of Code 2008 Applications#The Ruby on Rails Security Guide v2|'''the assumed ones''']], please quantify in terms of percentage.
| colspan="2" style="width:75%; background:#cccccc" align="left"|100%
|-
| style="width:25%; background:#7B8ABD" align="center"|
3. Please do use the right hand side column to provide advice and make work suggestions.
| colspan="2" style="width:75%; background:#cccccc" align="left"|
|-
| style="width:25%; background:white" align="center"|'''PART II'''
| colspan="2" style="width:75%; background:white" align="left"|
|-
| style="width:25%; background:#7B8ABD" align="center"|
Assessment Criteria
| colspan="2" style="width:75%; background:#cccccc" align="left"|
[[:Category:OWASP Project Assessment|OWASP Project Assessment Criteria]]
|-
| style="width:25%; background:#4058A0" align="center"|'''QUESTIONS'''
| colspan="2" style="width:75%; background:#4058A0" align="left"|'''ANSWERS'''
|-
| style="width:25%; background:#7B8ABD" align="center"|
1. Having into consideration the [[:Category:OWASP Project Assessment|OWASP Project Assessment Methodology]] which criteria, if any, haven’t been fulfilled in terms of '''Alpha Quality''' status?
| colspan="2" style="width:75%; background:#cccccc" align="left"|
|-
| style="width:25%; background:#7B8ABD" align="center"|
2. Having into consideration the [[:Category:OWASP Project Assessment|OWASP Project Assessment Methodology]] which criteria, if any, haven’t been fulfilled in terms of '''Beta Quality''' status?
| colspan="2" style="width:75%; background:#cccccc" align="left"|
|-
| style="width:25%; background:#7B8ABD" align="center"|
3. Having into consideration the [[:Category:OWASP Project Assessment|OWASP Project Assessment Methodology]] which criteria, if any, haven’t been fulfilled in terms of '''Release Quality''' status?
| colspan="2" style="width:75%; background:#cccccc" align="left"|The document has reached release quality.
|-
| style="width:25%; background:#7B8ABD" align="center"|
4. Please do use the right hand side column to provide advice and make work suggestions.
| colspan="2" style="width:75%; background:#cccccc" align="left"|
|}

Project Information:template Ruby on Rails Security Guide V2

2008-11-23T15:18:21Z

Stevejones:

{| style="width:100%" border="0" align="center"
! colspan="7" align="center" style="background:#4058A0; color:white"|'''PROJECT IDENTIFICATION'''
|-
| style="width:15%; background:#7B8ABD" align="center"|'''Project Name'''
| colspan="6" style="width:85%; background:#cccccc" align="left"|'''OWASP Ruby on Rails Security Guide V2'''
|-
| style="width:15%; background:#7B8ABD" align="center"| '''Short Project Description'''
| colspan="6" style="width:85%; background:#cccccc" align="left"|The last security guide for [[:Category:OWASP Web Application Security Put Into Practice|Rails]] was a great success, with a lot of more secure web applications and continued awareness in the community of security issues. The [http://www.rorsecurity.info/ Ruby on Rails Security Project] is the one and only source of information about Rails security topics, and I keep the community up-to-date with blog posts and conference talks in Europe. The Guide and the Project has been mentioned in several Rails books and web-sites.

Version 1 of the Ruby on Rails Security Guide was sponsored by the SpoC 07, set the standard for OWASP programming language specific guides in terms of the topic outline and has been published as a [http://www.lulu.com/content/1412042 book]. Nevertheless I'm convinced that a more compact design and a "question-and-answer" style of writing will reach an even larger audience. Of course the new Guide will still include answers to the OWASP Top Ten security vulnerabilities.

A lot has changed since the publishing of the first Guide. Some new security holes have been found, there are new advises and most importantly Rails version 2.0 has been released. The new Ruby on Rails Security Guide aims at providing an up-to-date coding and configuration guide for the Rails community.
|-
| style="width:15%; background:#7B8ABD" align="center"|'''Email Contacts'''
| style="width:14%; background:#cccccc" align="center"|Project Leader [mailto:heikowebers(at)gmx.net '''Heiko Webers''']
| style="width:14%; background:#cccccc" align="center"|Project Contributors (if applicable) [mailto:to(at)change '''Name&Email''']
| style="width:14%; background:#cccccc" align="center"|[https://lists.owasp.org/mailman/listinfo/owasp-ruby-on-rails-v2 '''Mailing List/Subscribe'''] [mailto:OWASP-Ruby-on-Rails-V2(at)lists.owasp.org '''Mailing List/Use''']
| style="width:14%; background:#cccccc" align="center"|First Reviewer [mailto:mendrel-a-gmail.com '''Anthony Shireman'''] [[:OWASP Summer of Code 2008 Projects Authors Status Target and Reviewers Anthony Shireman Background|Bio]]
| style="width:14%; background:#cccccc" align="center"|Second Reviewer [mailto:jons0022-at-unf.edu '''Steve Jones'''] [[:OWASP Summer of Code 2008 Projects Authors Status Target and Reviewers Steve Jones Background|Bio]]
| style="width:15%; background:#cccccc" align="center"|OWASP Board Member [mailto:name(at)name '''Name&Email''']
|}
{| style="width:100%" border="0" align="center"
! colspan="6" align="center" style="background:#4058A0; color:white"|'''PROJECT MAIN LINKS'''
|-
| style="width:100%; background:#cccccc" align="center"|
* [http://www.owasp.org/images/9/9d/Owasp_rails_security2.pdf '''Download The Ruby on Rails Security Guide version 2''']
* (If appropriate, links to be added)
|}
{| style="width:100%" border="0" align="center"
! colspan="6" align="center" style="background:#4058A0; color:white"|'''RELATED PROJECTS'''
|-
| style="width:100%; background:#cccccc" align="center"|
[[:Category:OWASP Web Application Security Put Into Practice|OWASP Web Application Security Put Into Practice]]
|}
{| style="width:100%" border="0" align="center"
! colspan="6" align="center" style="background:#4058A0; color:white"|'''SPONSORS & GUIDELINES'''
|-
| style="width:50%; background:#cccccc" align="center"|[[OWASP Summer of Code 2008|Sponsor - '''OWASP Summer of Code 2008''']]
| style="width:50%; background:#cccccc" align="center"|[[OWASP Summer of Code 2008 Applications#The Ruby on Rails Security Guide v2|'''Sponsored Project/Guidelines/Roadmap''']]
|}
{| style="width:100%" border="0" align="center"
! colspan="5" align="center" style="background:#4058A0; color:white"|ASSESSMENT AND REVIEW PROCESS
|-
| style="width:15%; background:#6C82B5" align="center"|'''Review/Reviewer'''
| style="width:21%; background:#b3b3b3" align="center"|'''Author's Self Evaluation''' (applicable for Alpha Quality & further)
| style="width:21%; background:#b3b3b3" align="center"|'''First Reviewer''' (applicable for Alpha Quality & further)
| style="width:21%; background:#b3b3b3" align="center"|'''Second Reviewer''' (applicable for Beta Quality & further)
| style="width:22%; background:#b3b3b3" align="center"|'''OWASP Board Member''' (applicable just for Release Quality)
|-
| style="width:15%; background:#7B8ABD" align="center"|'''50% Review'''
| style="width:21%; background:#C2C2C2" align="center"|Objectives & Deliveries reached? '''Yes, completed by 80%''' --------- [[Project Information:template Ruby on Rails Security Guide V2 - 50 Review - Self Evaluation - A|See&Edit:50% Review/Self-Evaluation (A)]]
| style="width:21%; background:#C2C2C2" align="center"|Objectives & Deliveries reached? '''Yes, updating formatting for final''' --------- [[Project Information:template Ruby on Rails Security Guide V2 - 50 Review - First Reviewer - C|See&Edit: 50% Review/1st Reviewer (C)]]
| style="width:21%; background:#C2C2C2" align="center"|Objectives & Deliveries reached? '''Yes''' --------- [[Project Information:template Ruby on Rails Security Guide V2 50 Review Second Review E|See&Edit: 50%Review/2nd Reviewer (E)]]
| style="width:22%; background:#C2C2C2" align="center"|X
|-
| style="width:15%; background:#7B8ABD" align="center"|'''Final Review'''
| style="width:21%; background:#C2C2C2" align="center"|Objectives & Deliveries reached? Yes, 100%. --------- Which status has been reached? '''Release Quality''' --------- [[Project Information:template Ruby on Rails Security Guide V2 - Final Review - Self Evaluation - B|See&Edit: Final Review/SelfEvaluation (B)]]
| style="width:21%; background:#C2C2C2" align="center"|Objectives & Deliveries reached? '''Yes!''' --------- Which status has been reached? '''Release Quality''' --------- [[Project Information:template Ruby on Rails Security Guide V2 - Final Review - First Reviewer - D|See&Edit: Final Review/1st Reviewer (D)]]
| style="width:21%; background:#C2C2C2" align="center"|Objectives & Deliveries reached? '''Yes''' --------- Which status has been reached? '''Release Quality''' --------- [[Project Information:template Ruby on Rails Security Guide V2 - Final Review - Second Reviewer - F|See&Edit: Final Review/2nd Reviewer (F)]]
| style="width:22%; background:#C2C2C2" align="center"|Objectives & Deliveries reached? '''Yes/No''' (To update) --------- Which status has been reached? '''Season of Code''' - (To update) --------- [[Project Information:template Ruby on Rails Security Guide V2 - Final Review - OWASP Board Member - G|See/Edit: Final Review/Board Member (G)]]
|-
|}

Project Information:template Ruby on Rails Security Guide V2

2008-10-26T19:10:24Z

Stevejones:

{| style="width:100%" border="0" align="center"
! colspan="7" align="center" style="background:#4058A0; color:white"|'''PROJECT IDENTIFICATION'''
|-
| style="width:15%; background:#7B8ABD" align="center"|'''Project Name'''
| colspan="6" style="width:85%; background:#cccccc" align="left"|'''OWASP Ruby on Rails Security Guide V2'''
|-
| style="width:15%; background:#7B8ABD" align="center"| '''Short Project Description'''
| colspan="6" style="width:85%; background:#cccccc" align="left"|The last security guide for [[:Category:OWASP Web Application Security Put Into Practice|Rails]] was a great success, with a lot of more secure web applications and continued awareness in the community of security issues. The [http://www.rorsecurity.info/ Ruby on Rails Security Project] is the one and only source of information about Rails security topics, and I keep the community up-to-date with blog posts and conference talks in Europe. The Guide and the Project has been mentioned in several Rails books and web-sites.

Version 1 of the Ruby on Rails Security Guide was sponsored by the SpoC 07, set the standard for OWASP programming language specific guides in terms of the topic outline and has been published as a [http://www.lulu.com/content/1412042 book]. Nevertheless I'm convinced that a more compact design and a "question-and-answer" style of writing will reach an even larger audience. Of course the new Guide will still include answers to the OWASP Top Ten security vulnerabilities.

A lot has changed since the publishing of the first Guide. Some new security holes have been found, there are new advises and most importantly Rails version 2.0 has been released. The new Ruby on Rails Security Guide aims at providing an up-to-date coding and configuration guide for the Rails community.
|-
| style="width:15%; background:#7B8ABD" align="center"|'''Email Contacts'''
| style="width:14%; background:#cccccc" align="center"|Project Leader [mailto:heikowebers(at)gmx.net '''Heiko Webers''']
| style="width:14%; background:#cccccc" align="center"|Project Contributors (if applicable) [mailto:to(at)change '''Name&Email''']
| style="width:14%; background:#cccccc" align="center"|[https://lists.owasp.org/mailman/listinfo/owasp-ruby-on-rails-v2 '''Mailing List/Subscribe'''] [mailto:OWASP-Ruby-on-Rails-V2(at)lists.owasp.org '''Mailing List/Use''']
| style="width:14%; background:#cccccc" align="center"|First Reviewer [mailto:mendrel-a-gmail.com '''Anthony Shireman'''] [[:OWASP Summer of Code 2008 Projects Authors Status Target and Reviewers Anthony Shireman Background|Bio]]
| style="width:14%; background:#cccccc" align="center"|Second Reviewer [mailto:jons0022-at-unf.edu '''Steve Jones'''] [[:OWASP Summer of Code 2008 Projects Authors Status Target and Reviewers Steve Jones Background|Bio]]
| style="width:15%; background:#cccccc" align="center"|OWASP Board Member [mailto:name(at)name '''Name&Email''']
|}
{| style="width:100%" border="0" align="center"
! colspan="6" align="center" style="background:#4058A0; color:white"|'''PROJECT MAIN LINKS'''
|-
| style="width:100%; background:#cccccc" align="center"|
* [http://www.owasp.org/index.php/Image:Owasp_rails_security2.pdf '''Download The Ruby on Rails Security Guide version 2''']
* (If appropriate, links to be added)
|}
{| style="width:100%" border="0" align="center"
! colspan="6" align="center" style="background:#4058A0; color:white"|'''RELATED PROJECTS'''
|-
| style="width:100%; background:#cccccc" align="center"|
[[:Category:OWASP Web Application Security Put Into Practice|OWASP Web Application Security Put Into Practice]]
|}
{| style="width:100%" border="0" align="center"
! colspan="6" align="center" style="background:#4058A0; color:white"|'''SPONSORS & GUIDELINES'''
|-
| style="width:50%; background:#cccccc" align="center"|[[OWASP Summer of Code 2008|Sponsor - '''OWASP Summer of Code 2008''']]
| style="width:50%; background:#cccccc" align="center"|[[OWASP Summer of Code 2008 Applications#The Ruby on Rails Security Guide v2|'''Sponsored Project/Guidelines/Roadmap''']]
|}
{| style="width:100%" border="0" align="center"
! colspan="5" align="center" style="background:#4058A0; color:white"|ASSESSMENT AND REVIEW PROCESS
|-
| style="width:15%; background:#6C82B5" align="center"|'''Review/Reviewer'''
| style="width:21%; background:#b3b3b3" align="center"|'''Author's Self Evaluation''' (applicable for Alpha Quality & further)
| style="width:21%; background:#b3b3b3" align="center"|'''First Reviewer''' (applicable for Alpha Quality & further)
| style="width:21%; background:#b3b3b3" align="center"|'''Second Reviewer''' (applicable for Beta Quality & further)
| style="width:22%; background:#b3b3b3" align="center"|'''OWASP Board Member''' (applicable just for Release Quality)
|-
| style="width:15%; background:#7B8ABD" align="center"|'''50% Review'''
| style="width:21%; background:#C2C2C2" align="center"|Objectives & Deliveries reached? '''Yes, completed by 80%''' --------- [[Project Information:template Ruby on Rails Security Guide V2 - 50 Review - Self Evaluation - A|See&Edit:50% Review/Self-Evaluation (A)]]
| style="width:21%; background:#C2C2C2" align="center"|Objectives & Deliveries reached? '''Yes, updating formatting for final''' --------- [[Project Information:template Ruby on Rails Security Guide V2 - 50 Review - First Reviewer - C|See&Edit: 50% Review/1st Reviewer (C)]]
| style="width:21%; background:#C2C2C2" align="center"|Objectives & Deliveries reached? '''Yes''' --------- [[Project Information:template Ruby on Rails Security Guide V2 50 Review Second Review E|See&Edit: 50%Review/2nd Reviewer (E)]]
| style="width:22%; background:#C2C2C2" align="center"|X
|-
| style="width:15%; background:#7B8ABD" align="center"|'''Final Review'''
| style="width:21%; background:#C2C2C2" align="center"|Objectives & Deliveries reached? '''Yes/No''' (To update) --------- Which status has been reached? '''Season of Code''' - (To update) --------- [[Project Information:template Ruby on Rails Security Guide V2 - Final Review - Self Evaluation - B|See&Edit: Final Review/SelfEvaluation (B)]]
| style="width:21%; background:#C2C2C2" align="center"|Objectives & Deliveries reached? '''Yes/No''' (To update) --------- Which status has been reached? '''Season of Code''' - (To update) --------- [[Project Information:template Ruby on Rails Security Guide V2 - Final Review - First Reviewer - D|See&Edit: Final Review/1st Reviewer (D)]]
| style="width:21%; background:#C2C2C2" align="center"|Objectives & Deliveries reached? '''Yes''' --------- Which status has been reached? '''Beta''' '''Season of Code''' - (To update) --------- [[Project Information:template Ruby on Rails Security Guide V2 - Final Review - Second Reviewer - F|See&Edit: Final Review/2nd Reviewer (F)]]
| style="width:22%; background:#C2C2C2" align="center"|Objectives & Deliveries reached? '''Yes/No''' (To update) --------- Which status has been reached? '''Season of Code''' - (To update) --------- [[Project Information:template Ruby on Rails Security Guide V2 - Final Review - OWASP Board Member - G|See/Edit: Final Review/Board Member (G)]]
|-
|}

Project Information:template Ruby on Rails Security Guide V2 - Final Review - Second Reviewer - F

2008-10-26T18:58:59Z

Stevejones:

[[Project Information:template Ruby on Rails Security Guide V2|Clik here to return to the previous page]].

{| style="width:100%" border="0" align="center"
! colspan="3" align="center" style="background:#4058A0; color:white"|'''FINAL REVIEW'''
|-
| style="width:25%; background:white" align="center"|'''PART I'''
| colspan="2" style="width:75%; background:white" align="left"|
|-
| style="width:25%; background:#7B8ABD" align="center"|
Project Deliveries & Objectives
| colspan="2" style="width:75%; background:#cccccc" align="left"|
[[OWASP Summer of Code 2008 Applications#The Ruby on Rails Security Guide v2|OWASP The Ruby on Rails Security Guide V2 Project's Deliveries & Objectives]]
|-
| style="width:25%; background:#4058A0" align="center"|'''QUESTIONS'''
| colspan="2" style="width:75%; background:#4058A0" align="left"|'''ANSWERS'''
|-
| style="width:25%; background:#7B8ABD" align="center"|
1. At what extent have the project deliveries & objectives been accomplished? Having in consideration [[OWASP Summer of Code 2008 Applications#The Ruby on Rails Security Guide v2|'''the assumed ones''']], please exemplify writing down those of them that haven't been realised.
| colspan="2" style="width:75%; background:#cccccc" align="left"|The project deliveries & objectives have been accomplished.
|-
| style="width:25%; background:#7B8ABD" align="center"|
2. At what extent have the project deliveries & objectives been accomplished? Having in consideration [[OWASP Summer of Code 2008 Applications#The Ruby on Rails Security Guide v2|'''the assumed ones''']], please quantify in terms of percentage.
| colspan="2" style="width:75%; background:#cccccc" align="left"|100%
|-
| style="width:25%; background:#7B8ABD" align="center"|
3. Please do use the right hand side column to provide advice and make work suggestions.
| colspan="2" style="width:75%; background:#cccccc" align="left"|
|-
| style="width:25%; background:white" align="center"|'''PART II'''
| colspan="2" style="width:75%; background:white" align="left"|
|-
| style="width:25%; background:#7B8ABD" align="center"|
Assessment Criteria
| colspan="2" style="width:75%; background:#cccccc" align="left"|
[[:Category:OWASP Project Assessment|OWASP Project Assessment Criteria]]
|-
| style="width:25%; background:#4058A0" align="center"|'''QUESTIONS'''
| colspan="2" style="width:75%; background:#4058A0" align="left"|'''ANSWERS'''
|-
| style="width:25%; background:#7B8ABD" align="center"|
1. Having into consideration the [[:Category:OWASP Project Assessment|OWASP Project Assessment Methodology]] which criteria, if any, haven’t been fulfilled in terms of '''Alpha Quality''' status?
| colspan="2" style="width:75%; background:#cccccc" align="left"|
|-
| style="width:25%; background:#7B8ABD" align="center"|
2. Having into consideration the [[:Category:OWASP Project Assessment|OWASP Project Assessment Methodology]] which criteria, if any, haven’t been fulfilled in terms of '''Beta Quality''' status?
| colspan="2" style="width:75%; background:#cccccc" align="left"|
|-
| style="width:25%; background:#7B8ABD" align="center"|
3. Having into consideration the [[:Category:OWASP Project Assessment|OWASP Project Assessment Methodology]] which criteria, if any, haven’t been fulfilled in terms of '''Release Quality''' status?
| colspan="2" style="width:75%; background:#cccccc" align="left"|
|-
| style="width:25%; background:#7B8ABD" align="center"|
4. Please do use the right hand side column to provide advice and make work suggestions.
| colspan="2" style="width:75%; background:#cccccc" align="left"|
|}

Project Information:template Ruby on Rails Security Guide V2 50 Review Second Review E

2008-07-13T18:08:44Z

Stevejones:

[[Project Information:template Ruby on Rails Security Guide V2|Click here to return to the previous page]].

{| style="width:100%" border="0" align="center"
! colspan="3" align="center" style="background:#4058A0; color:white"|'''50% REVIEW PROCESS'''
|-
| style="width:25%; background:#7B8ABD" align="center"|
Project Deliveries & Objectives
| colspan="2" style="width:75%; background:#cccccc" align="left"|
[[OWASP Summer of Code 2008 Applications#The Ruby on Rails Security Guide v2|OWASP Ruby on Rails Security Guide v2 Project's Deliveries & Objectives]]
|-
| style="width:25x%; background:#4058A0" align="center"|'''QUESTIONS'''
| colspan="2" style="width:75%; background:#4058A0" align="left"|'''ANSWERS'''
|-
| style="width:25%; background:#7B8ABD" align="center"|
1. At what extent have the project deliveries & objectives been accomplished? Having in consideration [[OWASP Summer of Code 2008 Applications#The Ruby on Rails Security Guide v2|'''the assumed ones''']], please exemplify writing down those of them that haven't been realised.
| colspan="2" style="width:75%; background:#cccccc" align="left"|
|-
| style="width:25%; background:#7B8ABD" align="center"|

2. At what extent have the project deliveries & objectives been accomplished? Having in consideration [[OWASP Summer of Code 2008 Applications#The Ruby on Rails Security Guide v2|'''the assumed ones''']], please quantify in terms of percentage.
| colspan="2" style="width:75%; background:#cccccc" align="left"|50+
|-
|-
| style="width:25%; background:#7B8ABD" align="center"|
3. Please do use the right hand side column to provide advice and make work suggestions.
| colspan="2" style="width:75%; background:#cccccc" align="left"|OWASP writing style being addressed. There is an abundance of information and it needs a structure to make it more digestible to a consumer.
|}

Project Information:template Ruby on Rails Security Guide V2 50 Review Second Review E

2008-07-13T17:45:21Z

Stevejones:

[[Project Information:template Ruby on Rails Security Guide V2|Click here to return to the previous page]].

{| style="width:100%" border="0" align="center"
! colspan="3" align="center" style="background:#4058A0; color:white"|'''50% REVIEW PROCESS'''
|-
| style="width:25%; background:#7B8ABD" align="center"|
Project Deliveries & Objectives
| colspan="2" style="width:75%; background:#cccccc" align="left"|
[[OWASP Summer of Code 2008 Applications#The Ruby on Rails Security Guide v2|OWASP Ruby on Rails Security Guide v2 Project's Deliveries & Objectives]]
|-
| style="width:25x%; background:#4058A0" align="center"|'''QUESTIONS'''
| colspan="2" style="width:75%; background:#4058A0" align="left"|'''ANSWERS'''
|-
| style="width:25%; background:#7B8ABD" align="center"|
1. At what extent have the project deliveries & objectives been accomplished? Having in consideration [[OWASP Summer of Code 2008 Applications#The Ruby on Rails Security Guide v2|'''the assumed ones''']], please exemplify writing down those of them that haven't been realised.
| colspan="2" style="width:75%; background:#cccccc" align="left"|AAAAAAAAAA
|-
| style="width:25%; background:#7B8ABD" align="center"|

2. At what extent have the project deliveries & objectives been accomplished? Having in consideration [[OWASP Summer of Code 2008 Applications#The Ruby on Rails Security Guide v2|'''the assumed ones''']], please quantify in terms of percentage.
| colspan="2" style="width:75%; background:#cccccc" align="left"|
|-
|-
| style="width:25%; background:#7B8ABD" align="center"|
3. Please do use the right hand side column to provide advice and make work suggestions.
| colspan="2" style="width:75%; background:#cccccc" align="left"|
|}

OWASP Summer of Code 2008 Projects Authors Status Target and Reviewers Steve Jones Background

2008-07-13T17:33:10Z

Stevejones:

I'm an independent developer of Ruby on Rails web applications and a student pursuing a masters of software engineering at the University of North Florida here in Jacksonville, Florida. I've concentrated my studies in secure development of web applications and recently completed a directed independent study entitled Security Testing 1st Tier Components of Web Applications. I'm very excited about the successful completion of this second version of OWASP Ruby on Rails Security.

OWASP Summer of Code 2008 Projects Authors Status Target and Reviewers

2008-07-03T16:04:18Z

Stevejones:

This page contains Projects, Authors, Status Target and Reviewers of the sponsored programme [[OWASP Summer of Code 2008]]. 
'''* Please note: The reviewers with the reference ‘Confirmed’ were only confirmed by projects’ authors and are still waiting for OWASP Board confirmation.'''

== DOCUMENTATION PROJECTS ==
{| class="wikitable" style="text-align:center"
! width="600" height="18" bgcolor="#FFFFFF" align="CENTER" valign="MIDDLE" | Application
! width="220" align="CENTER" | '''Author'''
! width="60" align="CENTER" | [[:Category:OWASP Project Assessment|'''Status Target''']]
! width="108" align="CENTER" | '''1st Reviewer'''
! width="108" align="CENTER" | '''2nd Reviewer '''
! width="108" align="CENTER" | '''OWASP Board Reviewer
'''
|-
| height="18" bgcolor="#FFFFFF" align="CENTER" valign="MIDDLE" | '''[[:Category:OWASP Application Security Verification Standard Project|OWASP Application Security Verification Standard]]'''
| align="CENTER" | Mike Boberski
| align="CENTER" | Beta
| align="CENTER" | [mailto:jeff.williams(at)owasp.org Jeff Williams] (Confirmed)
| align="CENTER" | [mailto:pierre.parrend(at)insa-lyon.fr Pierre Parrend] [http://www.rzo.free.fr Curriculum] (Confirmed)
| align="CENTER" | Not applicable
|-
| height="18" bgcolor="#FFFFFF" align="CENTER" valign="MIDDLE" | '''[[:Category:OWASP AppSensor Project|OWASP AppSensor - Detect and Respond to Attacks from Within the Application]]'''
| align="CENTER" | [mailto:michael.coates(at)aspectsecurity.com Michael Coates]
| align="CENTER" | Beta
| align="CENTER" | [mailto:eric.sheridan(at)aspectsecurity.com Eric Sheridan] (Confirmed)
| align="CENTER" | [mailto:thrynn404(at)gmail.com Randy Janinda] (Confirmed)
| align="CENTER" | Not applicable
|-
| height="18" bgcolor="#FFFFFF" align="CENTER" valign="MIDDLE" | '''[[:Category:OWASP Backend Security Project|OWASP Backend Security Project]]'''
| align="CENTER" | Carlo Pelliccioni
| align="CENTER" | Beta
| align="CENTER" | [mailto:kisero(at)gmail.com Esteban Ribičić] [http://docs.google.com/Doc?id=df9vbj96_120fzfj4kfk Curriculum] (Confirmed)
| align="CENTER" |
| align="CENTER" | Not applicable
|-
| height="18" bgcolor="#FFFFFF" align="CENTER" valign="MIDDLE" | '''[[:Classic ASP Security Project|OWASP Classic ASP Security Project]]'''
| align="CENTER" | Juan Carlos Calderon
| align="CENTER" | Beta
| align="CENTER" | [mailto:kisero(at)gmail.com Esteban Ribičić] [http://docs.google.com/Doc?id=df9vbj96_120fzfj4kfk Curriculum] (Confirmed)
| align="CENTER" | [mailto:andres(at)neurofuzz.com Andres Andreu] (TBC)
| align="CENTER" | Not applicable
|-
| height="18" bgcolor="#FFFFFF" align="CENTER" valign="MIDDLE" | '''[[:Category:OWASP Code Review Project|OWASP Code review guide, V1.1]]'''
| align="CENTER" | Eoin Keary
| align="CENTER" | Quality
| align="CENTER" | [mailto:G_Z_Gupta(at)Dell.com Gaurav Gupta] (TBC)
| align="CENTER" | [mailto:psatishkumar(at)gmail.com P.Satish Kumar] [https://www.owasp.org/index.php/User:Satishkumar Curriculum]
| align="CENTER" | Jeff Williams
|-
| height="18" bgcolor="#FFFFFF" align="CENTER" valign="MIDDLE" | '''[[:OWASP Corporate Application Security Rating Guide|OWASP Corporate Application Security Rating Guide]]'''
| align="CENTER" | Parvathy Iyer
| align="CENTER" | Quality
| align="CENTER" | [mailto:nkirschner@eisnerllp.com Neal Kirschner] (Confirmed)
| align="CENTER" | [mailto:Omar.Sherin(at)infosec2.com Omar Sherin] TBC
| align="CENTER" |
|-
| height="18" bgcolor="#FFFFFF" align="CENTER" valign="MIDDLE" | '''[[:Category:OWASP Education Project|OWASP Education Project]]'''
| align="CENTER" | Martin Knobloch
| align="CENTER" | Quality
| align="CENTER" | [mailto:sebastien.gioria@owasp.fr Sebastien Gioria] [http://www.linkedin.com/in/gioria Curriculum] (Confirmed)
| align="CENTER" | [mailto:namn(at)bluemoon.com.vn Nam Nguyen] [[OWASP Summer of Code 2008 Projects Authors Status Target and Reviewers Nguyen Curriculum|Curriculum]] (Confirmed)
| align="CENTER" |
|-
| height="18" bgcolor="#FFFFFF" align="CENTER" valign="MIDDLE" | '''[[:OWASP Internationalization|OWASP Internationalization Guidelines Project]]'''
| align="CENTER" | Juan Carlos Calderon
| align="CENTER" | Beta
| align="CENTER" | [mailto:fabio.e.cerullo(at)aib.ie Fabio Cerullo] [https://www.owasp.org/index.php/User:Fabio.e.cerullo Curriculum] (Confirmed)
| align="CENTER" | [mailto:rodrigo(at)rmarcos.com Rodrigo Marcos] [https://www.owasp.org/index.php/User:Rodrigo.marcos Curriculum] (Confirmed)
| align="CENTER" | Not applicable
|-
| height="18" bgcolor="#FFFFFF" align="CENTER" valign="MIDDLE" | '''[[:Category:OWASP .NET Project#OWASP .NET Project Leader|OWASP .NET Project Leader]]'''
| align="CENTER" | Mark Roxberry
| align="CENTER" | Quality
| align="CENTER" | [mailto:eoinkeary(at)gmail.com Eoin Keary] (Confirmed)
| align="CENTER" | [mailto:dennis.hurst(at)hp.com Dennis Hurst] TBC
| align="CENTER" | Dinis Cruz
|-
| height="18" bgcolor="#FFFFFF" align="CENTER" valign="MIDDLE" | '''[[:Category:OWASP Positive Security Project|OWASP Positive Security Project]]'''
| align="CENTER" | Eduardo Vianna de Camargo Neves
| align="CENTER" | Beta
| align="CENTER" | [mailto:welias(at)conviso.com.br Wagner Elias] (Confirmed)
| align="CENTER" | [mailto:ken(at)krvw.com Kenneth Wyk] TBC
| align="CENTER" | Not applicable
|-
| height="18" bgcolor="#FFFFFF" align="CENTER" valign="MIDDLE" | '''[[:Category:OWASP Ruby on Rails Security Guide V2|OWASP Ruby on Rails Security Guide v2]]'''
| align="CENTER" | Heiko Webers
| align="CENTER" | Quality
| align="CENTER" | [mailto:jons0022-at-unf.edu Steve Jones] [https://www.owasp.org/index.php/OWASP_Summer_of_Code_2008_Projects_Authors_Status_Target_and_Reviewers_Steve_Jones_Background Profile] (Confirmed)
| align="CENTER" | [mailto:jeff.cabaniss(at)gmail.com Jeff Cabaniss] (Confirmed)
| align="CENTER" |
|-
| height="18" bgcolor="#FFFFFF" align="CENTER" valign="MIDDLE" | '''[[:Category:OWASP Securing WebGoat using ModSecurity Project|OWASP Securing WebGoat using ModSecurity]]'''
| align="CENTER" | Stephen Evans
| align="CENTER" | Beta
| align="CENTER" | [mailto:ivan.ristic(at)breach.com Ivan Ristic] & Breach Group (Confirmed)
| align="CENTER" | [mailto:christian.folini(at)netnea.com Christian Folini] [http://www.netnea.com/cms/?q=christian_folini Curriculum] (Confirmed)
| align="CENTER" | Not applicable
|-
| height="18" bgcolor="#FFFFFF" align="CENTER" valign="MIDDLE"|'''[[:Category:OWASP Source Code Review OWASP Projects Project|OWASP Source Code Review OWASP Projects]]'''
| align="CENTER" | James Walden
| align="CENTER" | Quality
| align="CENTER" | [mailto:afry(at)strongcrypto.biz Alexander Fry] [http://www.linkedin.com/in/alexanderfry Profile] (Confirmed)
| align="CENTER" | [mailto:marco.m.morana(at)gmail.com Marco M. Morana] [[OWASP Summer of Code 2008 Projects Authors Status Target and Reviewers Marco M Morana Curriculum|Curriculum]] (Confirmed)
| align="CENTER" |
|-
| height="18" bgcolor="#FFFFFF" align="CENTER" valign="MIDDLE" | '''[[:OWASP Spanish|OWASP Spanish Project]]'''
| align="CENTER" | Juan Carlos Calderon
| align="CENTER" | Beta
| align="CENTER" | [mailto:fabio.e.cerullo(at)aib.ie Fabio Cerullo] [https://www.owasp.org/index.php/User:Fabio.e.cerullo Curriculum] (Confirmed)
| align="CENTER" | [mailto:rodrigo(at)rmarcos.com Rodrigo Marcos] [https://www.owasp.org/index.php/User:Rodrigo.marcos Curriculum] (Confirmed)
| align="CENTER" | Not applicable
|-
| height="18" bgcolor="#FFFFFF" align="CENTER" valign="MIDDLE" | '''[[:Category:OWASP Testing Project|OWASP Testing Guide v3]]'''
| align="CENTER" | Matteo Meucci
| align="CENTER" | Quality
| align="CENTER" | [mailto:namn@bluemoon.com.vn Nam Nguyen] [[OWASP Summer of Code 2008 Projects Authors Status Target and Reviewers Nguyen Curriculum|Curriculum]] (Confirmed)
| align="CENTER" | [mailto:KFuller@dmv.ca.gov Kevin Fuller] [[OWASP Summer of Code 2008 Projects Authors Status Target and Reviewers Fuller Curriculum|Curriculum]] (Confirmed)
| align="CENTER" |
|}

{| class="wikitable" style="text-align:center"
! width="400" height="18" bgcolor="#FFFFFF" align="CENTER" valign="MIDDLE" | Application
! width="120" align="CENTER" | '''Author'''
! width="60" align="CENTER" | [[:Category:OWASP Project Assessment|'''Status Target''']]
! width="108" align="CENTER" | '''1st Reviewer'''
! width="108" align="CENTER" | '''2nd Reviewer '''
! width="108" align="CENTER" | '''3rd Reviewer '''
! width="108" align="CENTER" | '''4th Reviewer '''
! width="108" align="CENTER" | '''OWASP Board Reviewer
'''
|-
| height="18" bgcolor="#FFFFFF" align="CENTER" valign="MIDDLE" | '''[[:Category:OWASP ASDR Project|OWASP Application Security Desk Reference (ASDR)]]'''
| align="CENTER" | Leonardo Cavallari Militelli
| align="CENTER" | Quality
| align="CENTER" | [mailto:williamtsmith(at)gmail.com William Smith] [[OWASP SoC 2008 ASDR Reviewers#William Smith | Bio]] (Confirmed)
| align="CENTER" | [mailto:ken(at)krvw.com Kenneth Wyk] [[OWASP SoC 2008 ASDR Reviewers#Kenneth R. van Wyk| Bio]] (Confirmed)
| align="CENTER" | [mailto:kcfredman(at)gmail.com Frederick Donovan] [[OWASP SoC 2008 ASDR Reviewers#Frederick Donovan | Bio]] (Confirmed)
| align="CENTER" | [mailto:Darren.Challey(at)ge.com Darren W. Challey] [[OWASP SoC 2008 ASDR Reviewers#Darren W. Challey | Bio]] (Confirmed)
| align="CENTER" | Jeff Williams (Confirmed)
|}

== TOOLS PROJECTS ==
{| class="wikitable" style="text-align:center"
! width="600" height="18" bgcolor="#FFFFFF" align="CENTER" valign="MIDDLE" | Application
! width="220" align="CENTER" | '''Author'''
! width="60" align="CENTER" | [[:Category:OWASP Project Assessment|'''Status Target''']]
! width="108" align="CENTER" | '''1st Reviewer'''
! width="108" align="CENTER" | '''2nd Reviewer '''
! width="108" align="CENTER" | '''OWASP Board Reviewer
'''
|-
| height="18" bgcolor="#FFFFFF" align="CENTER" valign="MIDDLE" | '''[[:Category:GTK plus GUI for w3af Project|GTK+ GUI for w3af project]]'''
| align="CENTER" | Facundo Batista
| align="CENTER" | Beta
| align="CENTER" | [mailto:andres.riancho(at)gmail.com Andres Riancho] [http://www.linkedin.com/in/ariancho Profile] (Confirmed)
| align="CENTER" | [mailto:ah(at)securenet(dot)de Achim Hoffmann] [https://www.owasp.org/index.php/User:Achim Profile] (Confirmed)
| align="CENTER" | Not applicable
|-
| height="18" bgcolor="#FFFFFF" align="CENTER" valign="MIDDLE" | '''[[:Category:OWASP Access Control Rules Tester Project|OWASP Access Control Rules Tester]]'''
| align="CENTER" | Andrew Petukhov
| align="CENTER" | Beta
| align="CENTER" | [mailto:caughron(at)gmail.com Mat Caughron] [http://www.linkedin.com/pub/1/A84/998 Profile] (Confirmed)
| align="CENTER" | [mailto:mg_chen(at)yahoo.com Min Chen] [http://www.linkedin.com/in/mgchen Profile] (Confirmed)
| align="CENTER" | Not applicable
|-
| height="18" bgcolor="#FFFFFF" align="CENTER" valign="MIDDLE" | '''[[:Category:OWASP AntiSamy Project .NET| OWASP AntiSamy .NET]]'''
| align="CENTER" | Arshan Dabirsiaghi
| align="CENTER" | Quality
| align="CENTER" | [mailto:kisero(at)gmail.com Esteban Ribičić] [http://docs.google.com/Doc?id=df9vbj96_120fzfj4kfk Curriculum] (Confirmed)
| align="CENTER" |
| align="CENTER" | Jeff Williams
|-
| height="18" bgcolor="#FFFFFF" align="CENTER" valign="MIDDLE" | '''[[:Category:OWASP Application Security Tool Benchmarking Environment and Site Generator Refresh Project|OWASP Application Security Tool Benchmarking Environment and Site Generator refresh]]'''
| align="CENTER" | Dmitry Kozlov
| align="CENTER" | Quality
| align="CENTER" | [mailto:mark.roxberry(at)owasp.org Mark Roxberry] [http://www.linkedin.com/in/roxberry Profile] (Confirmed)
| align="CENTER" | [mailto:medelibero(at)gmail.com Mike de Libero] (Confirmed)
| align="CENTER" | Dinis Cruz
|-
| height="18" bgcolor="#FFFFFF" align="CENTER" valign="MIDDLE" | '''[[:Category:OWASP Code Crawler|OWASP Code Crawler ]]'''
| align="CENTER" | Alessio Marziali
| align="CENTER" | Beta
| align="CENTER" | [mailto:eoinkeary@gmail.com Eoin Keary] (Confirmed)
| align="CENTER" | [mailto:dinis.cruz(at)owasp.org Dinis Cruz] (Confirmed)
| align="CENTER" | Not applicable
|-
| height="18" bgcolor="#FFFFFF" align="CENTER" valign="MIDDLE" | '''[[:Category:OWASP Interceptor Project|OWASP Interceptor Project - 2008 Update]]'''
| align="CENTER" | Justin Derry
| align="CENTER" | Quality
| align="CENTER" | [mailto:Nathan.Green(at)ge.com Nathan.Green] (Confirmed)
| align="CENTER" | [mailto:kisero(at)gmail.com Esteban Ribičić] [http://docs.google.com/Doc?id=df9vbj96_120fzfj4kfk Curriculum] (Confirmed)
| align="CENTER" |
|-
| height="18" bgcolor="#FFFFFF" align="CENTER" valign="MIDDLE" | '''[[:Category:OWASP JSP Testing Tool Project|OWASP UI Component Verification Project (a.k.a. OWASP JSP Testing Tool)]]'''
| align="CENTER" | Jason Li
| align="CENTER" | Beta
| align="CENTER" | [mailto:markkerzner(at)gmail.com Mark Kerzner] [http://www.linkedin.com/in/markkerzner Profile] (Confirmed)
| align="CENTER" | [mailto:fabricio.fujikawa(at)infoglobo.com.br Fabrício Fujikawa] (Confirmed)
| align="CENTER" | Not applicable
|-
| height="18" bgcolor="#FFFFFF" align="CENTER" valign="MIDDLE" | '''[[:Category:OWASP Live CD 2008 Project|OWASP Live CD 2008 Project]]'''
| align="CENTER" | Matt Tesauro
| align="CENTER" | Quality
| align="CENTER" | [mailto:admin@wirefall.com Dustin Dykes] [http://www.linkedin.com/pub/1/607/6b1 Curriculum] (Confirmed)
| align="CENTER" | [mailto:jkpoots(at)rogers.com Kent Poots] [http://www.linkedin.com/pub/5/25B/114 Curriculum] (Confirmed)
| align="CENTER" |
|-
| height="18" bgcolor="#FFFFFF" align="CENTER" valign="MIDDLE" | '''[[:Category:OWASP OpenSign Server Project|OWASP Online code signing and integrity verification service for open source community (OpenSign Server)]]'''
| align="CENTER" | Phil Potisk and Richard Conway
| align="CENTER" | Beta
| align="CENTER" | [mailto:pierre.parrend@insa-lyon.fr Pierre Parrend] [http://www.rzo.free.fr Curriculum] (Confirmed)
| align="CENTER" | [mailto:a_campani@yahoo.fr Antonio Campanile] (Confirmed)
| align="CENTER" | Not applicable
|-
| height="18" bgcolor="#FFFFFF" align="CENTER" valign="MIDDLE" | '''[[:Category:OWASP OpenPGP Extensions for HTTP - Enigform and mod openpgp|OWASP OpenPGP Extensions for HTTP - Enigform and mod_openpgp]]'''
| align="CENTER" | Arturo 'Buanzo' Busleiman
| align="CENTER" | Beta
| align="CENTER" | [mailto:mark.roxberry(at)owasp.org Mark Roxberry] [http://www.linkedin.com/in/roxberry Profile] (Confirmed)
| align="CENTER" | [mailto:dinis.cruz(at)owasp.org Dinis Cruz]
| align="CENTER" | Not applicable
|-
| height="18" bgcolor="#FFFFFF" align="CENTER" valign="MIDDLE" | '''[[:Category:OWASP Orizon Project|OWASP Orizon Project]]'''
| align="CENTER" | Paolo Perego
| align="CENTER" | Quality
| align="CENTER" | [mailto:eoinkeary@gmail.com Eoin Keary] (Confirmed)
| align="CENTER" | [mailto:seba@deleersnyder.eu Sebastien Deleersnyder] (Confirmed)
| align="CENTER" | [mailto:dinis.cruz@owasp.org Dinis Cruz] (Confirmed)
|-
| height="18" bgcolor="#FFFFFF" align="CENTER" valign="MIDDLE" | '''[[:Category:OWASP Python Static Analysis Project|OWASP Python Static Analysis]]'''
| align="CENTER" | Georgy Klimov
| align="CENTER" | Beta
| align="CENTER" | [mailto:namn@bluemoon.com.vn Nam Nguyen] [[OWASP Summer of Code 2008 Projects Authors Status Target and Reviewers Nguyen Curriculum|Curriculum]] (Confirmed)
| align="CENTER" | [mailto:diepvien00thayh@gmail.com P.Q.Huy] (Confirmed)
| align="CENTER" | Not applicable
|-
| height="18" bgcolor="#FFFFFF" align="CENTER" valign="MIDDLE" | '''[[:Category:OWASP Skavenger Project|OWASP Skavenger]]'''
| align="CENTER" | [mailto:mro(at)securenet.de Matthias Rohr]
| align="CENTER" | Beta
| align="CENTER" | Rogan Dawes Email address? (Confirmed)
| align="CENTER" | [mailto:ah(at)securenet(dot)de Achim Hoffmann] [https://www.owasp.org/index.php/User:Achim Profile] (Confirmed)
| align="CENTER" | Not applicable
|-
| height="18" bgcolor="#FFFFFF" align="CENTER" valign="MIDDLE" | '''[[:Category:OWASP Sqlibench Project|OWASP SQL Injector Benchmarking Project (SQLiBENCH)]]'''
| align="CENTER" | [mailto:urgunb@hotmail.com Bedirhan Urgun] [mailto:mesut@h-labs.org Mesut Timur]
| align="CENTER" | Beta
| align="CENTER" | [mailto:ferruh@mavituna.com Ferruh Mavituna] [[Project Information:Sqlibench:Ferruh|background info]] (Confirmed)
| align="CENTER" | [mailto:kfuller@dmv.ca.gov Kevin Fuller] [[Project Information:Sqlibench:Kevin|background info]] (Confirmed)
| align="CENTER" | Not applicable
|-
| height="18" bgcolor="#FFFFFF" align="CENTER" valign="MIDDLE" | '''[[:Category:OWASP Teachable Static Analysis Workbench Project|OWASP Teachable Static Analysis Workbench]]'''
| align="CENTER" | [mailto:ddk(at)cs.msu.su Dmitry Kozlov] Igor Konnov
| align="CENTER" | Beta
| align="CENTER" | [mailto:afry(at)strongcrypto.biz Alex Fry] TBC
| align="CENTER" |
| align="CENTER" | Not applicable
|-
| height="18" bgcolor="#FFFFFF" align="CENTER" valign="MIDDLE" | '''[[:Category:OWASP WeBekci Project|OWASP WeBekci Project]]'''
| align="CENTER" | [mailto:bunyamin@owasp.org Bunyamin Demir]
| align="CENTER" | Beta
| align="CENTER" | [mailto:afry(at)strongcrypto.biz Alexander Fry] [http://www.linkedin.com/in/alexanderfry Profile] (Confirmed)
| align="CENTER" | [mailto:stefano.dipaola(at)wisec.it Stefano Di Paola] (Confirmed)
| align="CENTER" | Not applicable
|}

== DESIGN/CORPORATE PROJECTS ==
{| class="wikitable" style="text-align:center"
! width="600" height="18" bgcolor="#FFFFFF" align="CENTER" valign="MIDDLE" | Application
! width="220" align="CENTER" | '''Author'''
! width="60" align="CENTER" | [[:Category:OWASP Project Assessment|'''Status Target''']]
! width="108" align="CENTER" | '''1st Reviewer'''
! width="108" align="CENTER" | '''2nd Reviewer '''
! width="108" align="CENTER" | '''OWASP Board Reviewer
'''
|-
| height="18" bgcolor="#FFFFFF" align="CENTER" valign="MIDDLE" | '''[[:Category:OWASP Book Cover & Sleeve Design|OWASP Book Cover & Sleeve Design]]'''
| align="CENTER" | LXstudios, [mailto:deb@lxstudios.com Deb Brewer]
| align="CENTER" | Quality
| align="CENTER" | [mailto:yiannis@owasp.org Yiannis Pavlosoglou] [[OWASP NYC AppSec 2008 Conference-SPEAKER-Yiannis Pavlosoglou|Short Bio]] (Confirmed)
| align="CENTER" | [mailto:eoinkeary@gmail.com Eoin Keary] (Confirmed)
| align="CENTER" | Dinis Cruz
|-
| height="18" bgcolor="#FFFFFF" align="CENTER" valign="MIDDLE" | '''[[:Category:OWASP Individual and Corporate Member Packs plus Conference Attendee Packs Brief|OWASP Individual & Corporate Member Packs, Conference Attendee Packs Brief]]'''
| align="CENTER" | LXstudios, [mailto:deb@lxstudios.com Deb Brewer]
| align="CENTER" | Quality
| align="CENTER" | [mailto:eoinkeary@gmail.com Eoin Keary] (Confirmed)
| align="CENTER" | [mailto:yiannis@owasp.org Yiannis Pavlosoglou] [[OWASP NYC AppSec 2008 Conference-SPEAKER-Yiannis Pavlosoglou|Short Bio]] (Confirmed)
| align="CENTER" | Dinis Cruz
|-

OWASP Summer of Code 2008 Projects Authors Status Target and Reviewers Steve Jones Background

2008-07-03T15:56:35Z

Stevejones: New page: I'm an independent developer of Ruby on Rails web applications and a student pursuing a masters of software engineering at the University of North Florida here in Jacksonville, Florida. I'...

User:Steve.jones

2008-07-03T15:51:30Z

OWASP Summer of Code 2008 Projects Authors Status Target and Reviewers

2008-06-14T16:19:30Z

Stevejones:

== DOCUMENTATION PROJECTS ==
{| class="wikitable" style="text-align:center"
! width="400" height="18" bgcolor="#FFFFFF" align="CENTER" valign="MIDDLE" | Application
! width="120" align="CENTER" | '''Author'''
! width="60" align="CENTER" | [[:Category:OWASP Project Assessment|'''Status Target''']]
! width="108" align="CENTER" | '''1st Reviewer'''
! width="108" align="CENTER" | '''2nd Reviewer '''
! width="108" align="CENTER" | '''OWASP Board
Reviewer
'''
|-
| height="18" bgcolor="#FFFFFF" align="CENTER" valign="MIDDLE" | '''[[OWASP Summer of Code 2008 Applications#OWASP Application Security Verification Standard|OWASP Application Security Verification Standard]]'''
| align="CENTER" | Mike Boberski
| align="CENTER" | Beta
| align="CENTER" | [mailto:jeff.williams(at)owasp.org Jeff Williams]
| align="CENTER" | [mailto:pierre.parrend(at)insa-lyon.fr Pierre Parrend]
| align="CENTER" | Not applicable
|-
| height="18" bgcolor="#FFFFFF" align="CENTER" valign="MIDDLE" | '''[[OWASP Summer of Code 2008 Applications - Need Futher Clarifications#P017 - OWASP AppSensor - Detect and Respond to Attacks from Within the Application|OWASP AppSensor - Detect and Respond to Attacks from Within the Application]]'''
| align="CENTER" | [mailto:michael.coates(at)aspectsecurity.com Michael Coates]
| align="CENTER" | Beta
| align="CENTER" | [mailto:eric.sheridan(at)aspectsecurity.com Eric Sheridan]
| align="CENTER" | [mailto:thrynn404(at)gmail.com Randy Janinda]
| align="CENTER" | Not applicable
|-
| height="18" bgcolor="#FFFFFF" align="CENTER" valign="MIDDLE" | '''[[OWASP Summer of Code 2008 Applications - Need Futher Clarifications#OWASP Backend Security Project|OWASP Backend Security Project]]'''
| align="CENTER" | Carlo Pelliccioni
| align="CENTER" | Beta
| align="CENTER" |
| align="CENTER" |
| align="CENTER" | Not applicable
|-
| height="18" bgcolor="#FFFFFF" align="CENTER" valign="MIDDLE" | '''[[OWASP Summer of Code 2008 Applications#OWASP Classic ASP Security Project|OWASP Classic ASP Security Project]]'''
| align="CENTER" | Juan Carlos Calderon
| align="CENTER" | Beta
| align="CENTER" | [mailto:kisero(at)gmail.com Esteban Ribičić] 
| align="CENTER" | [mailto:rodrigo@rmarcos.com Rodrigo Marcos]
| align="CENTER" | Not applicable
|-
| height="18" bgcolor="#FFFFFF" align="CENTER" valign="MIDDLE" | '''[[OWASP Summer of Code 2008 Applications#OWASP Code review guide, V1.1|OWASP Code review guide, V1.1]]'''
| align="CENTER" | Eoin Keary
| align="CENTER" | Quality
| align="CENTER" | [mailto:namn(at)bluemoon.com.vn Nam Nguyen]
| align="CENTER" | [mailto:psatishkumar(at)gmail.com P.Satish Kumar] TBC
| align="CENTER" | Jeff Williams
|-
| height="18" bgcolor="#FFFFFF" align="CENTER" valign="MIDDLE" | '''[[OWASP Summer of Code 2008 Applications - Need Futher Clarifications#P006 - OWASP Corporate Application Security Rating Guide|OWASP Corporate Application Security Rating Guide]]'''
| align="CENTER" | Parvathy Iyer
| align="CENTER" | Quality
| align="CENTER" | Neal Kirschner Email address?
| align="CENTER" | [mailto:Omar.Sherin(at)infosec2.com Omar Sherin] TBC
| align="CENTER" |
|-
| height="18" bgcolor="#FFFFFF" align="CENTER" valign="MIDDLE" | '''[[OWASP Summer of Code 2008 Applications#OWASP Education Project|OWASP Education Project]]'''
| align="CENTER" | Martin Knobloch
| align="CENTER" | Quality
| align="CENTER" | [mailto:sebastien.gioria@owasp.fr Sebastien Gioria]
| align="CENTER" | [mailto:namn(at)bluemoon.com.vn Nam Nguyen]
| align="CENTER" |
|-
| height="18" bgcolor="#FFFFFF" align="CENTER" valign="MIDDLE" | '''[[OWASP Summer of Code 2008 Applications#Internationalization Guidelines and OWASP-Spanish Project|OWASP Internationalization Guidelines and OWASP-Spanish Project]]'''
| align="CENTER" | Juan Carlos Calderon
| align="CENTER" | Beta
| align="CENTER" | [mailto:fabio.e.cerullo(at)aib.ie Fabio Cerullo]
| align="CENTER" | [mailto:kisero(at)gmail.com Esteban Ribičić] 
| align="CENTER" | Not applicable
|-
| height="18" bgcolor="#FFFFFF" align="CENTER" valign="MIDDLE" | '''[[OWASP Summer of Code 2008 Applications#OWASP .NET Project Leader|OWASP .NET Project Leader]]'''
| align="CENTER" | Mark Roxberry
| align="CENTER" | Quality
| align="CENTER" | [mailto:eoinkeary(at)gmail.com Eoin Keary]
| align="CENTER" | [mailto:dennis.hurst(at)hp.com Dennis Hurst] TBC
| align="CENTER" | Dinis Cruz
|-
| height="18" bgcolor="#FFFFFF" align="CENTER" valign="MIDDLE" | '''[[OWASP Summer of Code 2008 Applications - Need Futher Clarifications#P025 OWASP Positive Security Project|OWASP Positive Security Project]]'''
| align="CENTER" | Eduardo Vianna de Camargo Neves
| align="CENTER" | Beta
| align="CENTER" | [mailto:welias(at)conviso.com.br Wagner Elias]
| align="CENTER" | [mailto:ken(at)krvw.com Kenneth Wyk] TBC
| align="CENTER" | Not applicable
|-
| height="18" bgcolor="#FFFFFF" align="CENTER" valign="MIDDLE" | '''[[OWASP Summer of Code 2008 Applications#The Ruby on Rails Security Guide v2|OWASP Ruby on Rails Security Guide v2]]'''
| align="CENTER" | Heiko Webers
| align="CENTER" | Quality
| align="CENTER" | [mailto:steve.jones(at)unf.edu Steve Jones]
| align="CENTER" | [mailto:jeff.cabaniss(at)gmail.com Jeff Cabaniss]
| align="CENTER" |
|-
| height="18" bgcolor="#FFFFFF" align="CENTER" valign="MIDDLE" | '''[[OWASP Summer of Code 2008 Applications#Securing WebGoat using ModSecurity|OWASP Securing WebGoat using ModSecurity]]'''
| align="CENTER" | Stephen Evans
| align="CENTER" | Beta
| align="CENTER" | [mailto:ivan.ristic(at)breach.com Ivan Ristic] & Breach Group
| align="CENTER" |
| align="CENTER" | Not applicable
|-
| height="18" bgcolor="#FFFFFF" align="CENTER" valign="MIDDLE" | '''[[OWASP Summer of Code 2008 Applications - Need Futher Clarifications#Source Code Review OWASP Projects|OWASP Source Code Review OWASP Projects]]'''
| align="CENTER" | James Walden
| align="CENTER" | Quality
| align="CENTER" | [mailto:afry(at)strongcrypto.biz Alex Fry]
| align="CENTER" | [mailto:marco.m.morana(at)gmail.com Marco M. Morana]
| align="CENTER" |
|-
| height="18" bgcolor="#FFFFFF" align="CENTER" valign="MIDDLE" | '''[[OWASP Summer of Code 2008 Applications#The OWASP Testing Guide v3|OWASP Testing Guide v3]]'''
| align="CENTER" | Matteo Meucci
| align="CENTER" | Quality
| align="CENTER" |
| align="CENTER" |
| align="CENTER" |
|}

{| class="wikitable" style="text-align:center"
! width="400" height="18" bgcolor="#FFFFFF" align="CENTER" valign="MIDDLE" | Application
! width="120" align="CENTER" | '''Author'''
! width="60" align="CENTER" | [[:Category:OWASP Project Assessment|'''Status Target''']]
! width="108" align="CENTER" | '''1st Reviewer'''
! width="108" align="CENTER" | '''2nd Reviewer '''
! width="108" align="CENTER" | '''3rd Reviewer '''
! width="108" align="CENTER" | '''4th Reviewer '''
! width="108" align="CENTER" | '''OWASP Board
Reviewer
'''
|-
| height="18" bgcolor="#FFFFFF" align="CENTER" valign="MIDDLE" | '''[[OWASP Summer of Code 2008 Applications#The Application Security Desk Reference - ASDR|OWASP Application Security Desk Reference (ASDR)]]'''
| align="CENTER" | Leonardo Cavallari Militelli
| align="CENTER" | Quality
| align="CENTER" | [mailto:williamtsmith(at)gmail.com William Smith]
| align="CENTER" | [mailto:ken(at)krvw.com Kenneth Van Wyk]
| align="CENTER" | [mailto:kcfredman(at)gmail.com Frederick Donovan]
| align="CENTER" |
| align="CENTER" | Jeff Williams
|}

== TOOLS PROJECTS ==
{| class="wikitable" style="text-align:center"
! width="400" height="18" bgcolor="#FFFFFF" align="CENTER" valign="MIDDLE" | Application
! width="120" align="CENTER" | '''Author'''
! width="60" align="CENTER" | [[:Category:OWASP Project Assessment|'''Status Target''']]
! width="108" align="CENTER" | '''1st Reviewer'''
! width="108" align="CENTER" | '''2nd Reviewer '''
! width="108" align="CENTER" | '''OWASP Board
Reviewer
'''
|-
| height="18" bgcolor="#FFFFFF" align="CENTER" valign="MIDDLE" | '''[[OWASP Summer of Code 2008 Applications - Need Futher Clarifications#GTK+ GUI for w3af project|GTK+ GUI for w3af project]]'''
| align="CENTER" | Facundo Batista
| align="CENTER" | Beta
| align="CENTER" | [mailto:andres.riancho(at)gmail.com Andres Riancho]
| align="CENTER" |
| align="CENTER" | Not applicable
|-
| height="18" bgcolor="#FFFFFF" align="CENTER" valign="MIDDLE" | '''[[OWASP Summer of Code 2008 Applications - Need Futher Clarifications#P022_-_OWASP_Access_Control_Rules_Tester|OWASP Access Control Rules Tester]]'''
| align="CENTER" | Andrew Petukhov
| align="CENTER" | Beta
| align="CENTER" | [mailto:caughron(at)gmail.com Mat Caughron] TBC
| align="CENTER" | [mailto:mg_chen(at)yahoo.com Min Chen] TBC
| align="CENTER" | Not applicable
|-
| height="18" bgcolor="#FFFFFF" align="CENTER" valign="MIDDLE" | '''[[OWASP Summer of Code 2008 Applications#OWASP AntiSamy .NET| OWASP AntiSamy .NET]]'''
| align="CENTER" | Arshan Dabirsiaghi
| align="CENTER" | Beta
| align="CENTER" | [mailto:dallasspohn(at)sbcglobal.net Dallas Spohn] TBC
| align="CENTER" |
| align="CENTER" | Not applicable
|-
| height="18" bgcolor="#FFFFFF" align="CENTER" valign="MIDDLE" | '''[[OWASP Summer of Code 2008 Applications - Need Futher Clarifications#P003/P013 - OWASP Application Security Tool Benchmarking Environment and Site Generator refresh.=|OWASP Application Security Tool Benchmarking Environment and Site Generator refresh]]'''
| align="CENTER" | Dmitry Kozlov
| align="CENTER" | Quality
| align="CENTER" | [mailto:mark.roxberry(at)owasp.org Mark Roxberry]
| align="CENTER" | [mailto:medelibero(at)gmail.com Mike de Libero]
| align="CENTER" | Dinis Cruz
|-
| height="18" bgcolor="#FFFFFF" align="CENTER" valign="MIDDLE" | '''[[OWASP Summer of Code 2008 Applications - Need Futher Clarifications#Code Crawler|OWASP Code Crawler ]]'''
| align="CENTER" | Alessio Marziali
| align="CENTER" | Beta
| align="CENTER" | [mailto:eoinkeary@gmail.com Eoin Keary]
| align="CENTER" | [mailto:dinis.cruz(at)owasp.org Dinis Cruz]
| align="CENTER" | Not applicable
|-
| height="18" bgcolor="#FFFFFF" align="CENTER" valign="MIDDLE" | '''[[OWASP Summer of Code 2008 Applications - Need Futher Clarifications#OWASP Interceptor Project - 2008 Update|OWASP Interceptor Project - 2008 Update]]'''
| align="CENTER" | Justin Derry
| align="CENTER" | Quality
| align="CENTER" | [mailto:dallasspohn(at)sbcglobal.net Dallas Spohn] TBC
| align="CENTER" |
| align="CENTER" |
|-
| height="18" bgcolor="#FFFFFF" align="CENTER" valign="MIDDLE" | '''[[OWASP Summer of Code 2008 Applications#P028 - OWASP UI Component Verification Project (a.k.a. OWASP JSP Testing Tool)|OWASP UI Component Verification Project (a.k.a. OWASP JSP Testing Tool)]]'''
| align="CENTER" | Jason Li
| align="CENTER" | Beta
| align="CENTER" | [mailto:markkerzner(at)gmail.com Mark Kerzner]
| align="CENTER" | [mailto:fabricio.fujikawa(at)infoglobo.com.br Fabrício Fujikawa] TBC
| align="CENTER" | Not applicable
|-
| height="18" bgcolor="#FFFFFF" align="CENTER" valign="MIDDLE" | '''[[OWASP Summer of Code 2008 Applications#OWASP Live CD 2008 Project|OWASP Live CD 2008 Project]]'''
| align="CENTER" | Matt Tesauro
| align="CENTER" | Quality
| align="CENTER" | [mailto:admin@wirefall.com Dustin Dykes] [http://www.linkedin.com/pub/1/607/6b1 Curriculum]
| align="CENTER" | [mailto:jkpoots(at)rogers.com Kent Poots] TBC
| align="CENTER" |
|-
| height="18" bgcolor="#FFFFFF" align="CENTER" valign="MIDDLE" | '''[[OWASP Summer of Code 2008 Applications#Online code signing and integrity verification service for open source community (OpenSign Server)|OWASP Online code signing and integrity verification service for open source community (OpenSign Server)]]'''
| align="CENTER" | Phil Potisk and Richard Conway
| align="CENTER" | Beta
| align="CENTER" | [mailto:pierre.parrend@insa-lyon.fr Pierre Parrend] [http://www.rzo.free.fr Curriculum]
| align="CENTER" | [mailto:a_campani@yahoo.fr Antonio Campanile]
| align="CENTER" | Not applicable
|-
| height="18" bgcolor="#FFFFFF" align="CENTER" valign="MIDDLE" | '''[[OWASP Summer of Code 2008 Applications - Need Futher Clarifications#OpenPGP Extensions for HTTP - Enigform and mod_openpgp|OWASP OpenPGP Extensions for HTTP - Enigform and mod_openpgp]]'''
| align="CENTER" | Arturo 'Buanzo' Busleiman
| align="CENTER" | Quality
| align="CENTER" | [mailto:mark.roxberry(at)owasp.org Mark Roxberry]
| align="CENTER" |
| align="CENTER" | [mailto:dinis.cruz(at)owasp.org Dinis Cruz]
|-
| height="18" bgcolor="#FFFFFF" align="CENTER" valign="MIDDLE" | '''[[OWASP Summer of Code 2008 Applications - Need Futher Clarifications#The Owasp Orizon Project|OWASP Orizon Project]]'''
| align="CENTER" | Paolo Perego
| align="CENTER" | Quality
| align="CENTER" | [mailto:eoinkeary@gmail.com Eoin Keary]
| align="CENTER" | [mailto:seba@deleersnyder.eu Sebastien Deleersnyder] TBC
| align="CENTER" | [mailto:dinis.cruz@owasp.org Dinis Cruz]
|-
| height="18" bgcolor="#FFFFFF" align="CENTER" valign="MIDDLE" | '''[[OWASP Summer of Code 2008 Applications#OWASP Python Static Analysis|OWASP Python Static Analysis]]'''
| align="CENTER" | Georgy Klimov
| align="CENTER" | Beta
| align="CENTER" | [mailto:namn@bluemoon.com.vn Nam Nguyen] [[OWASP Summer of Code 2008 Projects Authors Status Target and Reviewers Nguyen Curriculum|Curriculum]]
| align="CENTER" | [mailto:diepvien00thayh@gmail.com P.Q.Huy]
| align="CENTER" | Not applicable
|-
| height="18" bgcolor="#FFFFFF" align="CENTER" valign="MIDDLE" | '''[[OWASP Summer of Code 2008 Applications - Need Futher Clarifications#Skavenger|OWASP Skavenger]]'''
| align="CENTER" | [mailto:mro(at)securenet.de Matthias Rohr]
| align="CENTER" | Beta
| align="CENTER" | Rogan Dawes Email address?
| align="CENTER" | [mailto:ah@securenet.de Achim Hoffmann]
| align="CENTER" | Not applicable
|-
| height="18" bgcolor="#FFFFFF" align="CENTER" valign="MIDDLE" | '''[[OWASP Summer of Code 2008 Applications - Need Futher Clarifications#SQL Injector Benchmarking Project (SQLiBENCH)|OWASP SQL Injector Benchmarking Project (SQLiBENCH)]]'''
| align="CENTER" | [mailto:urgunb@hotmail.com Bedirhan Urgun] [mailto:mesut@h-labs.org Mesut Timur]
| align="CENTER" | Beta
| align="CENTER" | [mailto:ferruh@mavituna.com Ferruh Mavituna] [[Project Information:Sqlibench:Ferruh|background info]]
| align="CENTER" | [mailto:kfuller@dmv.ca.gov Kevin Fuller] [[Project Information:Sqlibench:Kevin|background info]]
| align="CENTER" | Not applicable
|-
| height="18" bgcolor="#FFFFFF" align="CENTER" valign="MIDDLE" | '''[[OWASP Summer of Code 2008 Applications - Need Futher Clarifications#Teachable Static Analysis Workbench|OWASP Teachable Static Analysis Workbench]]'''
| align="CENTER" | [mailto:ddk(at)cs.msu.su Dmitry Kozlov] Igor Konnov
| align="CENTER" | Beta
| align="CENTER" | [mailto:afry(at)strongcrypto.biz Alex Fry] TBC
| align="CENTER" |
| align="CENTER" | Not applicable
|-
| height="18" bgcolor="#FFFFFF" align="CENTER" valign="MIDDLE" | '''[[OWASP Summer of Code 2008 Applications - Need Futher Clarifications#OWASP-WeBekci Project|OWASP WeBekci Project]]'''
| align="CENTER" | [mailto:bunyamin@owasp.org Bunyamin Demir]
| align="CENTER" | Beta
| align="CENTER" | [mailto:afry(at)strongcrypto.biz Alex Fry] TBC
| align="CENTER" |
| align="CENTER" | Not applicable
|}

== DESIGN/CORPORATE PROJECTS ==
{| class="wikitable" style="text-align:center"
! width="400" height="18" bgcolor="#FFFFFF" align="CENTER" valign="MIDDLE" | Application
! width="120" align="CENTER" | '''Author'''
! width="60" align="CENTER" | [[:Category:OWASP Project Assessment|'''Status Target''']]
! width="108" align="CENTER" | '''1st Reviewer'''
! width="108" align="CENTER" | '''2nd Reviewer '''
! width="108" align="CENTER" | '''OWASP Board
Reviewer
'''
|-
| height="18" bgcolor="#FFFFFF" align="CENTER" valign="MIDDLE" | '''[[OWASP Summer of Code 2008 Applications#OWASP_Book_Cover_.26_Sleeve_Design|OWASP Book Cover & Sleeve Design]]'''
| align="CENTER" | LXstudios, [mailto:deb@lxstudios.com Deb Brewer]
| align="CENTER" | Quality
| align="CENTER" | [mailto:yiannis@owasp.org Yiannis Pavlosoglou] (TBC)
| align="CENTER" | [mailto:kris_seeburn@utm.intnet.mu Kris Seeburn] (TBC)
| align="CENTER" | Dinis Cruz
|-
| height="18" bgcolor="#FFFFFF" align="CENTER" valign="MIDDLE" | '''[[OWASP Summer of Code 2008 Applications#OWASP Individual & Corporate Member Packs, Conference Attendee Packs Brief|OWASP Individual & Corporate Member Packs, Conference Attendee Packs Brief]]'''
| align="CENTER" | LXstudios, [mailto:deb@lxstudios.com Deb Brewer]
| align="CENTER" | Quality
| align="CENTER" | [mailto:eoinkeary@gmail.com Eoin Keary]
| align="CENTER" | [mailto:yiannis@owasp.org Yiannis Pavlosoglou] (TBC)
| align="CENTER" | Dinis Cruz
|-