This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit

Category:OWASP Project Assessment

Jump to: navigation, search


OWASP has created a system to review projects and the project's releases to determine the quality level achieved. The initial creation of an assessment criteria was created for the OWASP Summer of Code 2008. Though created to benchmark the quality of SoC 2008 projects, it was also applied to new projects created outside the SoC 2008 process. As work began to create the Season of Code 2009 (SoC 2009), the lessons learned by using the first Assessment Criteria were used as input to a new version. The original Assessment Criteria - now called version 1 - was the basis for this new methodology. As a result of reviewing the use of the Assessment Criteria v1 (AC v1), a new assessment criteria was developed that split the review process into projects and releases. Starting with the SoC 2009, AC v2 will be the assessment criteria used to judge the quality of all SoC and new projects.

Versions of the Assessment Criteria

The current assessment criteria is the Assessment Criteria v2.0

Previous versions: