This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "Category:OWASP Project Assessment - Update"
(→Beta Quality Tool Criteria) |
|||
(4 intermediate revisions by 2 users not shown) | |||
Line 3: | Line 3: | ||
<br> | <br> | ||
<br> | <br> | ||
− | + | = Assessment Criteria version 2.0 = | |
+ | |||
The following defines the quality levels for OWASP TOOLS and DOCUMENTATION (Projects). Rating projects against these criteria aid in recognizing excellent contributions and identifying projects in need of further work. [[:Category:OWASP_Project | All existing OWASP projects and their current ratings are here]]. | The following defines the quality levels for OWASP TOOLS and DOCUMENTATION (Projects). Rating projects against these criteria aid in recognizing excellent contributions and identifying projects in need of further work. [[:Category:OWASP_Project | All existing OWASP projects and their current ratings are here]]. | ||
Line 32: | Line 33: | ||
'''Recommendations:''' | '''Recommendations:''' | ||
* Conference style Powerpoint presentation that describes the use and status of the tool. (This could be used by others to discuss the tool at OWASP Chapter meetings, serve as easy to review offline documentation, etc.) | * Conference style Powerpoint presentation that describes the use and status of the tool. (This could be used by others to discuss the tool at OWASP Chapter meetings, serve as easy to review offline documentation, etc.) | ||
− | |||
* UAT pass on functionality of the tool | * UAT pass on functionality of the tool | ||
* Developer documents any limitations | * Developer documents any limitations | ||
Line 151: | Line 151: | ||
* Clear efforts to interlink this document to other appropriate Beta and Release Quality OWASP Documentation and Tools projects have been made. | * Clear efforts to interlink this document to other appropriate Beta and Release Quality OWASP Documentation and Tools projects have been made. | ||
* When approved to be Beta Quality: Update the link to it on: the [[:Category:OWASP_Project | OWASP Project]] page and update [[:Category:OWASP Beta Quality Document|its project quality tag]] on its project page to be Beta. | * When approved to be Beta Quality: Update the link to it on: the [[:Category:OWASP_Project | OWASP Project]] page and update [[:Category:OWASP Beta Quality Document|its project quality tag]] on its project page to be Beta. | ||
+ | * 5 slide deck for OWASP Boot Camp project | ||
| style="width:20%; background:#e6e6e6" align="left"| | | style="width:20%; background:#e6e6e6" align="left"| | ||
* '''Requirement''': 2 Reviewers. | * '''Requirement''': 2 Reviewers. |
Latest revision as of 17:17, 9 March 2009
THIS PAGE IS BEING USED TO COLLECT CONTRIBUTIONS TO UPDATE THE OWASP ASSESSMENT CRITERIA. PLEASE FEEL FREE TO UPDATE IT WITH YOUR PROPOSALS.
Assessment Criteria version 2.0
The following defines the quality levels for OWASP TOOLS and DOCUMENTATION (Projects). Rating projects against these criteria aid in recognizing excellent contributions and identifying projects in need of further work. All existing OWASP projects and their current ratings are here.
The Tool ratings are reasonably complete. The documentation rates still need to be developed.
Assessment Scale for OWASP TOOLS Projects
Release Quality Tool Criteria
Class | Criteria | Review Process | Example |
Release Quality OWASP Tools |
All Beta Quality Requirements plus:
Recommendations:
|
|
OWASP WebGoat Project |
Beta Quality Tool Criteria
Class | Criteria | Review Process | Example |
Beta Quality OWASP Tools |
All Alpha Quality Requirements plus:
|
|
OWASP AntiSamy Project |
Alpha Quality Tool Criteria
Class | Criteria | Review Process | Example |
Alpha Quality OWASP Tools |
|
|
OWASP CSRFTester Project |
Inactive Tool Criteria
Class | Criteria | Review Process | Example |
Inactive Projects | The criteria is being built |
|
OWASP CAL9000 Project |
Assessment Scale for OWASP DOCUMENTATION Projects
Release Quality Documentation Criteria
Class | Criteria | Review Process | Example |
Release Quality OWASP Documentation |
All Beta Quality Requirements plus:
|
|
OWASP AppSec FAQ Project |
Beta Quality Documentation Criteria
Beta Quality OWASP Documentation |
All Alpha Quality Requirements plus:
|
|
OWASP CLASP Project |
Alpha Quality Documentation Criteria
Alpha Quality OWASP Documentation |
|
|
OWASP AJAX Security Project |
Inactive Documentation Criteria
Class | Criteria | Review Process | Example |
Inactive Projects | The criteria is being built |
|
FAQ
- 1. What is the purpose of the project ratings?
- The rating system allows OWASP to monitor the quality of Projects in our subject areas, and to prioritize work on these projects. It is also utilized to prepare for static releases of Wikipedia content.
- 2. How do I add a project (tool or documentation) to the OWASP Projects?
- To propose a new project, please send an email to OWASP.
- 3. How does the assessment scale work?
- Each category has a set of requirements/criteria to be met. Beta Quality implies that all of its requirements, as well as the Alpha Quality requirement have been met. Release Quality implies that all of the requirements, including Alpha and Beta, have been met.
- 4. Who can assess projects?
- The OWASP Project Manager can assign you a reviewer.
- 5. Why didn't the reviewer leave any comments?
- Unfortunately, due to the volume of projects that need to be assessed, we are unable to leave detailed comments in most cases. If you have particular questions, you might ask the person who assessed the project; they will be happy to provide you with their rationale.
- 6. What if I don't agree with a rating?
- You can list it in the section for assessment requests below, and someone will take a look at it. Alternatively, you can ask any member of the project to rate the project again.
- 7. Aren't the ratings subjective?
- Yes, they are somewhat subjective, but it's the best system we've been able to devise. If you have a better idea, please don't hesitate to let us know!
- 8. What if I have a question not listed here?
- If your question concerns the project assessment process specifically, please contact OWASP or its Project Manager directly.
Requests for assessment
If you have made significant changes to a project and would like an outside opinion on a new rating for it, please feel free to list it below and e-mail OWASP Project Manager.
- Here
- Or here
- Add new requests above this line
This category currently contains no pages or media.