This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Category:OWASP Project Release Quality Projects Requirements
From OWASP
Project Release Quality Projects Requirements
For a tool to be release quality it would need to:
Agreed to requirements (which will still be updated, improved on)
Requirements:
- Be reasonably useful
- Be reasonably easy to use
- Have an easy to use installer
- Have its code in Googlecode, or Sourceforge
- Include user documentation
- Include documentation on how to build it from code
- Add a common About Box (or help menu), regardless of language which lists name of tool, author, e-mail address of author, current version number and/or release date
Recommendations:
- Include online documention built into tool (based on required user documentation)
- Java projects (if appropriate) should be run through Fortify Software engine. [WebGoat would not be appropriate for example since it would light up like a Christmas tree :-)]
(Additional suggestions / contributions)
- Include UAT pass on functionality requirements of the tool
- Ask the developers to document any limitations
- Question Human Computer Interaction (HCI) and the user interface
- Overview of scanning the codebase findings (say findbugs)
This category currently contains no pages or media.