This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "Working Sessions Projects Code Review Guide"

From OWASP
Jump to: navigation, search
 
Line 1: Line 1:
[http://www.owasp.org/index.php/Summit_2011 ''' Global Summit 2011 Home Page''']<br>
+
#REDIRECT [[Summit_2011_Working_Sessions/Session064]]
[http://www.owasp.org/index.php/Summit_2011_Schedule ''' Global Summit 2011 Schedule''']<br>
 
[http://www.owasp.org/index.php/Summit_2011_Working_Sessions ''' Global Summit 2011 Working Sessions''']
 
 
 
{| border="0" align="center" style="width: 100%;"
 
|-
 
! align="center" colspan="7" style="background: none repeat scroll 0% 0% rgb(179, 179, 179); color: white;" | <font color="black">'''Working Sessions Operational Rules''' - [[:Working Sessions Methodology|'''Please see here the general frame of rules''']].</font>
 
|}
 
 
 
{| border="0" align="center" style="width: 100%;"
 
|-
 
! align="center" colspan="7" style="background: none repeat scroll 0% 0% rgb(64, 88, 160); color: white;" | <font color="white">'''WORKING SESSION IDENTIFICATION'''</font>
 
|-
 
| align="center" style="width: 15%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | '''Work Session Name'''
 
| align="left" colspan="6" style="width: 85%; background: none repeat scroll 0% 0% rgb(204, 204, 204);" | <font color="black"><span style="font-weight: bold;">OWASP Projects: Code Review Guide</span></font>
 
|-
 
| align="center" style="width: 15%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | '''Short Work Session Description'''
 
| align="left" colspan="6" style="width: 85%; background: none repeat scroll 0% 0% rgb(204, 204, 204);" | <br>
 
|-
 
| align="center" style="width: 15%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | '''Related Projects (if any)'''
 
| align="left" colspan="6" style="width: 85%; background: none repeat scroll 0% 0% rgb(204, 204, 204);" | <br>
 
|-
 
| align="center" style="width: 25%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | '''Email Contacts &amp; Roles'''
 
| align="center" style="width: 25%; background: none repeat scroll 0% 0% rgb(204, 204, 204);" | '''Chair'''<br> [mailto:[email protected]  '''Eoin Keary''']<br>
 
| align="center" style="width: 25%; background: none repeat scroll 0% 0% rgb(204, 204, 204);" | '''Secretary'''<br>
 
| align="center" style="width: 25%; background: none repeat scroll 0% 0% rgb(204, 204, 204);" | '''Mailing list'''<br>[http://www.owasp.org/index.php/Summit_2011#tab=How_Do_I_Join.3F_.2F_Mailing_list '''Subscription Page''']
 
|}
 
 
 
{| border="0" align="center" style="width: 100%;"
 
|-
 
! align="center" colspan="7" style="background: none repeat scroll 0% 0% rgb(64, 88, 160); color: white;" | <font color="white">'''WORKING SESSION SPECIFICS'''</font>
 
|-
 
| align="center" style="width: 15%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | '''Objectives'''
 
| align="left" colspan="6" style="width: 85%; background: none repeat scroll 0% 0% rgb(204, 204, 204);" | <font color="black">
 
'''Major enhancements:'''<br>
 
*Introduction to be re-written <br>
 
*Approach to code review (Risk based approach)to be re-written, re designed <br>
 
*Examples by Vulnerability and Technical control to be expanded and refined <br>
 
*Common Numbering nomenclature to be used <br>
 
*Cross reference to TG and ASVS to be done <br>
 
*New sections on tools to be introduced <br>
 
*Expand technology specific sections <br>
 
*Section on RIA (Rich Internet applications) to be introduced <br>
 
*WebServices section to be refined <br>
 
*Malware and rootkit sections to be introduced <br>
 
*PCI section to be rewritten with more x-reference to other guides<br>
 
 
 
'''Other ideas:''' <br>
 
*ESAPI section: how to review OWASP ESAPI implementations?<br>
 
*Risk based approach Vs ASVS levels<br>
 
*Threat modeling and Triage chapters to be revised<br>
 
*OWASP O2 section on O2 rules definition, development <br>
 
*Crawling code: Additional search vectors to be added<br>
 
*Section on Code Crawler, quick start & configuration guide<br>
 
</font>
 
 
 
|-
 
| align="center" style="width: 25%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | '''Venue/Date&amp;Time/Model'''
 
| align="center" style="width: 25%; background: none repeat scroll 0% 0% rgb(204, 204, 204);" | '''Venue'''<br>[http://www.owasp.org/index.php/Summit_2011 OWASP Global Summit Portugal 2011]
 
| align="center" style="width: 25%; background: none repeat scroll 0% 0% rgb(204, 204, 204);" |
 
'''Date&amp;Time'''
 
 
 
| align="center" style="width: 25%; background: none repeat scroll 0% 0% rgb(204, 204, 204);" | '''Discussion Model'''<br>"Participants + Attendees"
 
|}
 
 
 
{| border="0" align="center" style="width: 100%;"
 
|-
 
! align="center" colspan="7" style="background: none repeat scroll 0% 0% white; color: white;" | <font color="black"></font> <br>
 
|}
 
 
 
{| border="0" align="center" style="width: 100%;"
 
|-
 
! align="center" colspan="7" style="background: none repeat scroll 0% 0% rgb(64, 88, 160); color: white;" | <font color="white">'''WORKING SESSION OPERATIONAL RESOURCES'''</font>
 
|-
 
| align="center" style="width: 100%; background: none repeat scroll 0% 0% rgb(204, 204, 204);" | Projector, whiteboards, markers, Internet connectivity, power
 
|}
 
 
 
{| border="0" align="center" style="width: 100%;"
 
|-
 
! align="center" colspan="7" style="background: none repeat scroll 0% 0% white; color: white;" | <font color="black"></font> <br>
 
|}
 
 
 
{| border="0" align="center" style="width: 100%;"
 
|-
 
! align="center" colspan="7" style="background: none repeat scroll 0% 0% rgb(64, 88, 160); color: white;" | <font color="white">'''WORKING SESSION ADDITIONAL DETAILS'''</font>
 
|-
 
| align="left" style="width: 100%; background: none repeat scroll 0% 0% rgb(204, 204, 204);" |
 
*'''Related resources:'''
 
*'''Frameworks to invite:'''
 
 
 
|}
 
 
 
{| border="0" align="center" style="width: 100%;"
 
|-
 
! align="center" colspan="3" style="background: none repeat scroll 0% 0% rgb(64, 88, 160); color: white;" | '''WORKING SESSION OUTCOMES'''
 
|-
 
| align="center" style="width: 7%; background: none repeat scroll 0% 0% rgb(108, 130, 181);" | Statements, Initiatives or Decisions
 
| align="center" style="width: 46%; background: none repeat scroll 0% 0% rgb(179, 179, 179);" | '''Proposed by Working Group'''
 
| align="center" style="width: 47%; background: none repeat scroll 0% 0% rgb(179, 179, 179);" | '''Approved by OWASP Board'''
 
|-
 
| align="center" style="width: 7%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | <br>
 
| align="center" style="width: 46%; background: none repeat scroll 0% 0% rgb(194, 194, 194);" |
 
| align="center" style="width: 47%; background: none repeat scroll 0% 0% rgb(194, 194, 194);" | After the Board Meeting - fill in here.
 
|-
 
| align="center" style="width: 7%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | <br>
 
| align="center" style="width: 46%; background: none repeat scroll 0% 0% rgb(194, 194, 194);" |
 
| align="center" style="width: 47%; background: none repeat scroll 0% 0% rgb(194, 194, 194);" | After the Board Meeting - fill in here.
 
|}
 
 
 
== Working Session Participants  ==
 
 
 
(Add you name by editing this table. On your the right, just above the this frame, you have the option to edit)
 
 
 
 
 
{| border="0" align="center" style="width: 100%;"
 
|-
 
! align="center" style="background: none repeat scroll 0% 0% rgb(64, 88, 160); color: white;" colspan="7" | <font color="white">'''WORKING SESSION PARTICIPANTS'''</font>
 
|-
 
| align="center" style="width: 7%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | <br>
 
| align="center" style="width: 15%; background: none repeat scroll 0% 0% rgb(204, 204, 204);" | '''Name'''
 
| align="center" style="width: 15%; background: none repeat scroll 0% 0% rgb(204, 204, 204);" | '''Company'''
 
| align="center" style="width: 63%; background: none repeat scroll 0% 0% rgb(204, 204, 204);" | '''Notes &amp; reason for participating, issues to be discussed/addressed'''
 
|-
 
| align="center" style="width: 7%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | <br>
 
| align="center" style="width: 15%; background: none repeat scroll 0% 0% rgb(204, 204, 204);" | <br>
 
| align="center" style="width: 15%; background: none repeat scroll 0% 0% rgb(204, 204, 204);" | <br>
 
| align="center" style="width: 63%; background: none repeat scroll 0% 0% rgb(204, 204, 204);" | <br>
 
|-
 
| align="center" style="width: 7%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | <br>
 
| align="center" style="width: 15%; background: none repeat scroll 0% 0% rgb(204, 204, 204);" | <br>
 
| align="center" style="width: 15%; background: none repeat scroll 0% 0% rgb(204, 204, 204);" | <br>
 
| align="center" style="width: 63%; background: none repeat scroll 0% 0% rgb(204, 204, 204);" | <br>
 
|-
 
| align="center" style="width: 7%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | <br>
 
| align="center" style="width: 15%; background: none repeat scroll 0% 0% rgb(204, 204, 204);" | <br>
 
| align="center" style="width: 15%; background: none repeat scroll 0% 0% rgb(204, 204, 204);" | <br>
 
| align="center" style="width: 63%; background: none repeat scroll 0% 0% rgb(204, 204, 204);" | <br>
 
|-
 
| align="center" style="width: 7%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | <br>
 
| align="center" style="width: 15%; background: none repeat scroll 0% 0% rgb(204, 204, 204);" | <br>
 
| align="center" style="width: 15%; background: none repeat scroll 0% 0% rgb(204, 204, 204);" | <br>
 
| align="center" style="width: 63%; background: none repeat scroll 0% 0% rgb(204, 204, 204);" | <br>
 
|-
 
| align="center" style="width: 7%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | <br>
 
| align="center" style="width: 15%; background: none repeat scroll 0% 0% rgb(204, 204, 204);" | <br>
 
| align="center" style="width: 15%; background: none repeat scroll 0% 0% rgb(204, 204, 204);" | <br>
 
| align="center" style="width: 63%; background: none repeat scroll 0% 0% rgb(204, 204, 204);" | <br>
 
|-
 
| align="center" style="width: 7%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | <br>
 
| align="center" style="width: 15%; background: none repeat scroll 0% 0% rgb(204, 204, 204);" | <br>
 
| align="center" style="width: 15%; background: none repeat scroll 0% 0% rgb(204, 204, 204);" | <br>
 
| align="center" style="width: 63%; background: none repeat scroll 0% 0% rgb(204, 204, 204);" | <br>
 
|-
 
| align="center" style="width: 7%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | <br>
 
| align="center" style="width: 15%; background: none repeat scroll 0% 0% rgb(204, 204, 204);" | <br>
 
| align="center" style="width: 15%; background: none repeat scroll 0% 0% rgb(204, 204, 204);" | <br>
 
| align="center" style="width: 63%; background: none repeat scroll 0% 0% rgb(204, 204, 204);" | <br>
 
|-
 
| align="center" style="width: 7%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | <br>
 
| align="center" style="width: 15%; background: none repeat scroll 0% 0% rgb(204, 204, 204);" | <br>
 
| align="center" style="width: 15%; background: none repeat scroll 0% 0% rgb(204, 204, 204);" | <br>
 
| align="center" style="width: 63%; background: none repeat scroll 0% 0% rgb(204, 204, 204);" | <br>
 
|-
 
| align="center" style="width: 7%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | <br>
 
| align="center" style="width: 15%; background: none repeat scroll 0% 0% rgb(204, 204, 204);" | <br>
 
| align="center" style="width: 15%; background: none repeat scroll 0% 0% rgb(204, 204, 204);" | <br>
 
| align="center" style="width: 63%; background: none repeat scroll 0% 0% rgb(204, 204, 204);" | <br>
 
|-
 
| align="center" style="width: 7%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | <br>
 
| align="center" style="width: 15%; background: none repeat scroll 0% 0% rgb(204, 204, 204);" | <br>
 
| align="center" style="width: 15%; background: none repeat scroll 0% 0% rgb(204, 204, 204);" | <br>
 
| align="center" style="width: 63%; background: none repeat scroll 0% 0% rgb(204, 204, 204);" | <br>
 
|-
 
| align="center" style="width: 7%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | <br>
 
| align="center" style="width: 15%; background: none repeat scroll 0% 0% rgb(204, 204, 204);" | <br>
 
| align="center" style="width: 15%; background: none repeat scroll 0% 0% rgb(204, 204, 204);" | <br>
 
| align="center" style="width: 63%; background: none repeat scroll 0% 0% rgb(204, 204, 204);" | <br>
 
|-
 
| align="center" style="width: 7%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | <br>
 
| align="center" style="width: 15%; background: none repeat scroll 0% 0% rgb(204, 204, 204);" | <br>
 
| align="center" style="width: 15%; background: none repeat scroll 0% 0% rgb(204, 204, 204);" | <br>
 
| align="center" style="width: 63%; background: none repeat scroll 0% 0% rgb(204, 204, 204);" | <br>
 
|-
 
| align="center" style="width: 7%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | <br>
 
| align="center" style="width: 15%; background: none repeat scroll 0% 0% rgb(204, 204, 204);" | <br>
 
| align="center" style="width: 15%; background: none repeat scroll 0% 0% rgb(204, 204, 204);" | <br>
 
| align="center" style="width: 63%; background: none repeat scroll 0% 0% rgb(204, 204, 204);" | <br>
 
|-
 
| align="center" style="width: 7%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | <br>
 
| align="center" style="width: 15%; background: none repeat scroll 0% 0% rgb(204, 204, 204);" | <br>
 
| align="center" style="width: 15%; background: none repeat scroll 0% 0% rgb(204, 204, 204);" | <br>
 
| align="center" style="width: 63%; background: none repeat scroll 0% 0% rgb(204, 204, 204);" | <br>
 
|-
 
| align="center" style="width: 7%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | <br>
 
| align="center" style="width: 15%; background: none repeat scroll 0% 0% rgb(204, 204, 204);" | <br>
 
| align="center" style="width: 15%; background: none repeat scroll 0% 0% rgb(204, 204, 204);" | <br>
 
| align="center" style="width: 63%; background: none repeat scroll 0% 0% rgb(204, 204, 204);" | <br>
 
|}
 
 
 
If needed add here more lines.
 
 
 
[[Category:OWASP_Working_Session]]
 
[[Category:Summit_2011]]
 

Latest revision as of 12:18, 19 December 2010

Redirect to:

Retrieved from "https://wiki.owasp.org/index.php?title=Working_Sessions_Projects_Code_Review_Guide&oldid=97108"