Difference between revisions of "Working Sessions Projects Code Review Guide"
Sarah Baso (talk | contribs) |
| Line 32: | Line 32: | ||
|- | |- | ||
| align="center" style="width: 15%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | '''Objectives''' | | align="center" style="width: 15%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | '''Objectives''' | ||
| − | | align="left" colspan="6" style="width: 85%; background: none repeat scroll 0% 0% rgb(204, 204, 204);" | <font color="black">< | + | | align="left" colspan="6" style="width: 85%; background: none repeat scroll 0% 0% rgb(204, 204, 204);" | <font color="black"> |
| + | '''Major enhancements:'''<br> | ||
| + | *Introduction to be re-written <br> | ||
| + | *Approach to code review (Risk based approach)to be re-written, re designed <br> | ||
| + | *Examples by Vulnerability and Technical control to be expanded and refined <br> | ||
| + | *Common Numbering nomenclature to be used <br> | ||
| + | *Cross reference to TG and ASVS to be done <br> | ||
| + | *New sections on tools to be introduced <br> | ||
| + | *Expand technology specific sections <br> | ||
| + | *Section on RIA (Rich Internet applications) to be introduced <br> | ||
| + | *WebServices section to be refined <br> | ||
| + | *Malware and rootkit sections to be introduced <br> | ||
| + | *PCI section to be rewritten with more x-reference to other guides<br> | ||
| + | |||
| + | '''Other ideas:''' <br> | ||
| + | *ESAPI section: how to review OWASP ESAPI implementations?<br> | ||
| + | *Risk based approach Vs ASVS levels<br> | ||
| + | *Threat modeling and Triage chapters to be revised<br> | ||
| + | *OWASP O2 section on O2 rules definition, development <br> | ||
| + | *Crawling code: Additional search vectors to be added<br> | ||
| + | *Section on Code Crawler, quick start & configuration guide<br> | ||
</font> | </font> | ||
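Review bot: In the added "Major enhancements" list, the item "*Approach to code review (Risk based approach)to be re-written, re designed" is missing a space after the closing parenthesis, and "re designed" should read "redesigned". The list also mixes "re-written" (Introduction and Approach items) with "rewritten" (PCI item), so one spelling should be used throughout. Every bullet ends in `<br>` although the `*` list markup already separates the items, so the trailing tags can be dropped. "TG" in the cross-reference item and "O2" in the Other ideas list are never expanded in this cell; spelling them out once, as is done for RIA, would make the objectives readable without prior knowledge of the project names.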
Revision as of 04:26, 17 December 2010
| Working Sessions Operational Rules - Please see here the general frame of rules. |
|---|
| WORKING SESSION IDENTIFICATION | |
|---|---|
| Work Session Name | OWASP Projects: Code Review Guide |
| Short Work Session Description | |
| Related Projects (if any) | |
| Email Contacts & Roles | Chair: Eoin Keary |
| | Secretary: |
| | Mailing list: Subscription Page |
| WORKING SESSION SPECIFICS | |
|---|---|
| Objectives | Major enhancements: Other ideas: |
| Venue/Date&Time/Model | Venue: OWASP Global Summit Portugal 2011 |
| | Date&Time: |
| | Discussion Model: "Participants + Attendees" |
| WORKING SESSION OPERATIONAL RESOURCES |
|---|
| Projector, whiteboards, markers, Internet connectivity, power |

| WORKING SESSION ADDITIONAL DETAILS |
|---|
| |
| WORKING SESSION OUTCOMES | ||
|---|---|---|
| Statements, Initiatives or Decisions | Proposed by Working Group | Approved by OWASP Board |
| |
After the Board Meeting - fill in here. | |
| |
After the Board Meeting - fill in here. | |
Working Session Participants
(Add your name by editing this table. On the right, just above this frame, you have the option to edit.)
| WORKING SESSION PARTICIPANTS | | |
|---|---|---|
| Name | Company | Notes & reason for participating, issues to be discussed/addressed |