
QA wikiupdates

Revision as of 01:17, 13 June 2014 by Johanna Curiel

Quality Approach Updates

12 June 2014

These are the activities and progress to date on the QA project described here: https://www.owasp.org/index.php/Proposal_Project_Review_QA_Approach

JIRA Account configured for Candidate Flagship projects

Set up projects in JIRA (done):

  • OWASP AntiSamy Project
  • OWASP Enterprise Security API
  • OWASP ModSecurity Core Rule Set Project
  • OWASP CSRFGuard Project
  • OWASP Web Testing Environment Project
  • OWASP WebGoat Project
  • OWASP Zed Attack Proxy

Set up accounts for project leaders and admins (done)

Virtual Server: Testing Environment (in progress)

Acquired a virtual server through Leaseweb.

OS: Windows 2012

Installed components:

  • Eclipse
  • Visual Studio Express
  • OWASP ZAP 2.3.1
  • Tomcat 6
  • MySQL 5.5
  • Tortoise Subversion
  • JRE 7
  • Mozilla
  • WAVSEP.war


SWAMP integration preliminary tests

Created some tests to load ESAPI C into the SWAMP, but the assessment failed. The failure is probably related to the build scripts.

Preliminary tests on activity verification

The ESAPI libraries are currently being verified against the Health Criteria. This first assessment gave the following results:

  • Perl ==> last maintained 3 years ago
  • C++ ==> last commit 11 months ago
  • Python ==> last release 3 years ago
  • .NET ==> last release 3 years ago
  • C ==> source code last updated 2 years ago
  • Java ==> updated a month ago
  • Classic ASP ==> last release 3 years ago

Libraries with more than a year without updates do not pass the health criteria. An email has been sent to the project leaders to verify the inactivity levels and ask about any further plans for the future.