This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

QA wikiupdates

From OWASP
Revision as of 01:13, 13 June 2014 by Johanna Curiel (talk | contribs)

Jump to: navigation, search

Quality Approach Updates

12 June 2014

These has been the activities and progress regarding the QA project as described in here: https://www.owasp.org/index.php/Proposal_Project_Review_QA_Approach

JIRA Account configured for Candidate Flagship projects

Setup Projects in JIRA(done):

  • OWASP AntiSamy Project
  • OWASP Enterprise Security API
  • OWASP ModSecurity Core Rule Set Project
  • OWASP CSRFGuard Project
  • OWASP Web Testing Environment Project
  • OWASP WebGoat Project
  • OWASP Zed Attack Proxy

Setup Accounts for Project leaders and Admins(done)

Virtual Server: Testing Environment(In progress)

Acquired a virtual server through Leaseweb OS: Windows 2012 Installed components:

  • Eclipse
  • Visual Studio Express
  • OWASP ZAP 2.3.1
  • TomCat 6
  • MySQL 5.5
  • Tortoise Subversion
  • JRE 7
  • Mozilla
  • WAVSEP.war


SWAMP integration

Created some tests to load ESAPI C and C++ into the SWAMP but the assessment failed. Probably related to build scripts.

Preliminary tests on activity verification

ESAPI libraries are been right now verified for Health Criteria. From this first assessment the following results

  • Perl==> Last maintained 3 years ago
  • C++==>last commit 11 months ago
  • Python==>last release from 3 years ago
  • .NET==>last release from 3 years ago
  • C==>Source code last updated 2 years ago
  • Java==> Updated a month ago
  • Classic ASP==>last release from 3 years ago

Libraries with more than a yea without updates do not pass the health criteria Email has sent to Project leaders for verification of inactivity levels or any further plans in the future

Retrieved from "https://wiki.owasp.org/index.php?title=QA_wikiupdates&oldid=176858"