This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "Category:OWASP Open Review Project"
| Line 1: | Line 1: | ||
| + | [[:Category:OWASP Project|Click here to return to OWASP Projects page.]]<br> | ||
| + | [[:Project Information:template Open Review Project|Click here to see (& edit, if wanted) the template.]] | ||
{{:Project Information:template Open Review Project}} | {{:Project Information:template Open Review Project}} | ||
| + | [[Category:OWASP Project]] | ||
== Overview == | == Overview == | ||
Revision as of 17:05, 18 July 2008
Click here to return to OWASP Projects page.
Click here to see (& edit, if wanted) the template.
| PROJECT IDENTIFICATION | ||||||
|---|---|---|---|---|---|---|
| Project Name | OWASP Open Review Project (ORPRO) | |||||
| Short Project Description | The OWASP Open Review Project (ORPRO) is a project to openly check open source libraries and software that are vital to most commercial and non-commercial apps around. | |||||
| Email Contacts | Project Leaders Mario de Boer Dan Cornell |
Project Contributors (if applicable) Name&Email |
Mailing List/subscribe | First Reviewer Name |
Second Reviewer Name |
OWASP Board Member (if applicable) Name&Email |
| PROJECT MAIN LINKS | |||||
|---|---|---|---|---|---|
| |||||
| SPONSORS & GUIDELINES | |||||
|---|---|---|---|---|---|
| Fortify Software | Guidelines/Roadmap | ||||
| ASSESSMENT AND REVIEW PROCESS | ||||
|---|---|---|---|---|
| Review/Reviewer | Author's Self Evaluation (applicable for Alpha Quality & further) |
First Reviewer (applicable for Alpha Quality & further) |
Second Reviewer (applicable for Beta Quality & further) |
OWASP Board Member (applicable just for Release Quality) |
| First Review | Objectives & Deliveries reached? Not yet (To update) --------- Which status has been reached? Alpha Status - (To update) --------- See&Edit: First Review/SelfEvaluation (A) |
Objectives & Deliveries reached? Not yet (To update) --------- Which status has been reached? Alpha Status - (To update) --------- See&Edit: First Review/1st Reviewer (B) |
Objectives & Deliveries reached? Yes/No (To update) --------- Which status has been reached? Alpha Status - (To update) --------- See&Edit: First Review/2nd Reviewer (C) |
Objectives & Deliveries reached? Yes/No (To update) --------- Which status has been reached? Alpha Status - (To update) --------- See/Edit: First Review/Board Member (D) |
Overview
We are surrounded by open source software. Not only the open source software all of us use, also many of the commercial applications contain open source libraries. Think of server and desktop software, but don't forget routers, cars, phones, open source is everywhere.
In the OWASP Open Review Project (ORPRO) we perform open reviews of open source projects. We focus on security, are independent, and use the excellent deliverables from other OWASP projects to achieve traceable assurance statements on the security of the code. Users, both end-users and organizations using open source in their products, may benefit from ORPRO’s results.
Project Goals
- Independent security review of open source projects;
- Centrally managed review projects;
- Independent statement on what is reviewed and by whom, resulting in a form of assurance that the software is free from security bugs;
- Analysis not limited to code review, including digging into hard algorithms (compression, crypto, etc);
- Responsible disclosure of any security vulnerabilities discovered.
News
5 June 2008 OWASP ORPRO launched
Get involved
Security review takes both time and expertise. We need people with good secure coding skills in C, C++, .NET, Java, php, etc and that have the audacity to review some of the most popular open source projects around.
Please go to https://lists.owasp.org/mailman/listinfo/open-review-project to subscribe to the list. You can post to the ORPRO mailing list by emailing [email protected].
People
Project lead: Mario de Boer.
Contributors: None yet, any help more than appreciated.
This category currently contains no pages or media.
