This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "Category:OWASP Live CD Project - AppSecEU May2009 Release - Assessment"

From OWASP
Jump to: navigation, search
Line 242: Line 242:
 
<!-- ############## QUESTION BELOW ############## -->
 
<!-- ############## QUESTION BELOW ############## -->
 
''5. Is the tool's documentation available with the source code and would it readily discoverable by a new user of the tool?''  
 
''5. Is the tool's documentation available with the source code and would it readily discoverable by a new user of the tool?''  
 +
----
 +
<!-- ############## RESPOND BELOW THIS LINE ############## -->
 +
Delete this text and place your answer here. 
 +
<!-- ############## RESPOND ABOVE THIS LINE ############## -->
 +
|-
 +
| style="width:100%; background:#C2C2C2" align="left"|<!-- Provides a spacer -->
 +
|-
 +
| style="width:100%; background:#white" align="left"|
 +
<!-- ############## QUESTION BELOW ############## -->
 +
''6. Is there anything missing that is critical enough to keep the release at a alpha quality?''
 
----
 
----
 
<!-- ############## RESPOND BELOW THIS LINE ############## -->
 
<!-- ############## RESPOND BELOW THIS LINE ############## -->
Line 254: Line 264:
 
  |-  
 
  |-  
 
  | style="width:100%; background:#white" align="left"|
 
  | style="width:100%; background:#white" align="left"|
''6. Does the tool substantially address the application security issues it was created to solve?''  
+
''7. Does the tool substantially address the application security issues it was created to solve?''  
 
----
 
----
 
<!-- ############## RESPOND BELOW THIS LINE ############## -->
 
<!-- ############## RESPOND BELOW THIS LINE ############## -->
Line 264: Line 274:
 
  | style="width:100%; background:#white" align="left"|
 
  | style="width:100%; background:#white" align="left"|
 
<!-- ############## QUESTION BELOW ############## -->
 
<!-- ############## QUESTION BELOW ############## -->
''7. Is the tool reasonably easy to use?''  
+
''8. Is the tool reasonably easy to use?''  
 
----
 
----
 
<!-- ############## RESPOND BELOW THIS LINE ############## -->
 
<!-- ############## RESPOND BELOW THIS LINE ############## -->
Line 274: Line 284:
 
  | style="width:100%; background:#white" align="left"|
 
  | style="width:100%; background:#white" align="left"|
 
<!-- ############## QUESTION BELOW ############## -->
 
<!-- ############## QUESTION BELOW ############## -->
''8. Does the documentation meet the needs of the tool users and is easily found?''   
+
''9. Does the documentation meet the needs of the tool users and is easily found?''   
 
----
 
----
 
<!-- ############## RESPOND BELOW THIS LINE ############## -->
 
<!-- ############## RESPOND BELOW THIS LINE ############## -->
Line 284: Line 294:
 
  | style="width:100%; background:#white" align="left"|
 
  | style="width:100%; background:#white" align="left"|
 
<!-- ############## QUESTION BELOW ############## -->
 
<!-- ############## QUESTION BELOW ############## -->
''9. Do the build scripts work as expected? Can you build the tool? The goal is a “One-click” build.''  
+
''10. Do the build scripts work as expected? Can you build the tool? The goal is a “One-click” build.''  
 
----
 
----
 
<!-- ############## RESPOND BELOW THIS LINE ############## -->
 
<!-- ############## RESPOND BELOW THIS LINE ############## -->
Line 294: Line 304:
 
  | style="width:100%; background:#white" align="left"|
 
  | style="width:100%; background:#white" align="left"|
 
<!-- ############## QUESTION BELOW ############## -->
 
<!-- ############## QUESTION BELOW ############## -->
''10. Is the bug tracking system usable? Is it hosted at the same place as the source code? (e.g. Google Code, Sourceforge)''  
+
''11. Is the bug tracking system usable? Is it hosted at the same place as the source code? (e.g. Google Code, Sourceforge)''  
 
----
 
----
 
<!-- ############## RESPOND BELOW THIS LINE ############## -->
 
<!-- ############## RESPOND BELOW THIS LINE ############## -->
Line 304: Line 314:
 
  | style="width:100%; background:#white" align="left"|
 
  | style="width:100%; background:#white" align="left"|
 
<!-- ############## QUESTION BELOW ############## -->
 
<!-- ############## QUESTION BELOW ############## -->
''11. Have you noted any limitations of the tool that are not already documented by the project lead.''  
+
''12. Have you noted any limitations of the tool that are not already documented by the project lead.''  
 
----
 
----
 
<!-- ############## RESPOND BELOW THIS LINE ############## -->
 
<!-- ############## RESPOND BELOW THIS LINE ############## -->
Line 314: Line 324:
 
  | style="width:100%; background:#white" align="left"|
 
  | style="width:100%; background:#white" align="left"|
 
<!-- ############## QUESTION BELOW ############## -->
 
<!-- ############## QUESTION BELOW ############## -->
''12. Would you consider using this tool in your day to day work assuming your professional work includes a reason to use this tool? Why or why not?''  
+
''13. Would you consider using this tool in your day to day work assuming your professional work includes a reason to use this tool? Why or why not?''  
 
----
 
----
 
<!-- ############## RESPOND BELOW THIS LINE ############## -->
 
<!-- ############## RESPOND BELOW THIS LINE ############## -->
Line 324: Line 334:
 
  | style="width:100%; background:#white" align="left"|
 
  | style="width:100%; background:#white" align="left"|
 
<!-- ############## QUESTION BELOW ############## -->
 
<!-- ############## QUESTION BELOW ############## -->
''13. What, if anything, is missing which would make this a more useful tool? Is what is missing critical enough to keep the release at a beta quality?''  
+
''14. What, if anything, is missing which would make this a more useful tool? Is what is missing critical enough to keep the release at a beta quality?''  
 
----
 
----
 
<!-- ############## RESPOND BELOW THIS LINE ############## -->
 
<!-- ############## RESPOND BELOW THIS LINE ############## -->

Revision as of 18:55, 21 June 2009

Click here to return to project's main page

Stable Release Review of the OWASP Live CD AppSecEU May2009 Release

Project Leader for this Release

Matt Tesauro's Pre-Assessment Checklist:

Alpha level

1. Is your tool licensed under an open source license?


Delete this text and place your answer here.

2. Is the source code and any documentation available in an online project repository? (e.g. Google Code or Sourceforge site)


Delete this text and place your answer here.

3. Is there working code?


Delete this text and place your answer here.

4. Is there a roadmap for this project release which will take it from Alpha to Stable release?


Delete this text and place your answer here.

Beta Level

5. Are the Alpha pre-assessment items complete?


Delete this text and place your answer here.

6. Is there an installer or stand-alone executable?


Delete this text and place your answer here.

7. Is there user documentation on the OWASP project wiki page?


Delete this text and place your answer here.

8. Is there an "About box" or similar help item which lists the following?

  • Project Name
  • Short Description
  • Project Release Lead and contact information (e.g. email address)
  • Project Release Contributors (if any)
  • Project Release License
  • Project Release Sponsors (if any)
  • Release status and date assessed as Month-Year (e.g. March 2009)
  • Link to OWASP Project Page

Delete this text and place your answer here.

9. Is there documentation on how to build the tool from source including obtaining the source from the code repository?


Delete this text and place your answer here.

10. Is the tool documentation stored in the same repository as the source code?


Delete this text and place your answer here.

Stable Level

11. Are the Alpha and Beta pre-assessment items complete?


Delete this text and place your answer here.

12. Does the tool include documentation built into the tool?


Delete this text and place your answer here.

13. Does the tool include build scripts to automate builds?


Delete this text and place your answer here.

14. Is there a publicly accessible bug tracking system?


Delete this text and place your answer here.

15. Have any existing limitations of the tool been documented?


Delete this text and place your answer here.



First Reviewer

First Reviewer's Review:
Ideally, reviewers should be an existing OWASP project leader or chapter leader.

Beta Release Level Questions

1. Is an installer for the tool available and easy to use? How close does it reach the goal of a fully automated installer?


Delete this text and place your answer here.

2. Is the end user documentation complete, relevant and presented on the OWASP wiki page?


Delete this text and place your answer here.

3. Does the tool have an “About box” or similar help item which allows the end user to get an overview of the state of this tool? Is this information readily available and easy to find?


Delete this text and place your answer here.

4. Does the documentation on building the source provide the necessary information and detail to allow someone to build the tool? Is there sufficient detail and information for the target user? Is there any domain specific knowledge that is assumed and not provided?


Delete this text and place your answer here.

5. Is the tool's documentation available with the source code and would it readily discoverable by a new user of the tool?


Delete this text and place your answer here.

6. Is there anything missing that is critical enough to keep the release at a alpha quality?


Delete this text and place your answer here.

Stable Release Level Questions

7. Does the tool substantially address the application security issues it was created to solve?


Delete this text and place your answer here.

8. Is the tool reasonably easy to use?


Delete this text and place your answer here.

9. Does the documentation meet the needs of the tool users and is easily found?


Delete this text and place your answer here.

10. Do the build scripts work as expected? Can you build the tool? The goal is a “One-click” build.


Delete this text and place your answer here.

11. Is the bug tracking system usable? Is it hosted at the same place as the source code? (e.g. Google Code, Sourceforge)


Delete this text and place your answer here.

12. Have you noted any limitations of the tool that are not already documented by the project lead.


Delete this text and place your answer here.

13. Would you consider using this tool in your day to day work assuming your professional work includes a reason to use this tool? Why or why not?


Delete this text and place your answer here.

14. What, if anything, is missing which would make this a more useful tool? Is what is missing critical enough to keep the release at a beta quality?


Delete this text and place your answer here.


Second Reviewer

Second Reviewer's Review:
It is recommended that an OWASP board member or Global Projects Committee member be the second reviewer on Quality releases. The board has the initial option to review the project, followed by the Global Projects Committee.

Beta Release Level Questions

1. Is an installer for the tool available and easy to use? How close does it reach the goal of a fully automated installer?


Delete this text and place your answer here.

2. Is the end user documentation complete, relevant and presented on the OWASP wiki page?


Delete this text and place your answer here.

3. Does the tool have an “About box” or similar help item which allows the end user to get an overview of the state of this tool? Is this information readily available and easy to find?


Delete this text and place your answer here.

4. Does the documentation on building the source provide the necessary information and detail to allow someone to build the tool? Is there sufficient detail and information for the target user? Is there any domain specific knowledge that is assumed and not provided?


Delete this text and place your answer here.

5. Is the tool's documentation available with the source code and would it readily discoverable by a new user of the tool?


Delete this text and place your answer here.

Stable Release Level Questions

6. Does the tool substantially address the application security issues it was created to solve?


Delete this text and place your answer here.

7. Is the tool reasonably easy to use?


Delete this text and place your answer here.

8. Does the documentation meet the needs of the tool users and is easily found?


Delete this text and place your answer here.

9. Do the build scripts work as expected? Can you build the tool? The goal is a “One-click” build.


Delete this text and place your answer here.

10. Is the bug tracking system usable? Is it hosted at the same place as the source code? (e.g. Google Code, Sourceforge)


Delete this text and place your answer here.

11. Have you noted any limitations of the tool that are not already documented by the project lead.


Delete this text and place your answer here.

12. Would you consider using this tool in your day to day work assuming your professional work includes a reason to use this tool? Why or why not?


Delete this text and place your answer here.

13. What, if anything, is missing which would make this a more useful tool? Is what is missing critical enough to keep the release at a beta quality?


Delete this text and place your answer here.



This category currently contains no pages or media.