This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit

Category:OWASP Source Code Review OWASP Projects Project

Revision as of 21:51, 9 December 2008 by Walden (talk | contribs)

Jump to: navigation, search

Click here to return to OWASP Projects page.
Click here to see (& edit, if wanted) the template.

Project Name OWASP Source Code Review OWASP-Projects Project
Short Project Description The objectives of this project are: 1. Develop and document a workflow for FLOSS projects to incorporate static analysis into the Software Development Life Cycle (SDLC); 2. Apply the above workflow as a required step for OWASP projects; 3. Aid in auditing select FLOSS projects to create a baseline for comparing security amongst FLOSS projects.
Project key Information Project Leader
Dan Cornell
SoC's Project Leader
James Walden
Project Contributors
Justin Derry
Maureen Doyle
Michael Whelan
Grant Welch
Mailing list
Subscribe here
Use here
Creative Commons Attribution Share Alike 3.0
Project Type
Release Status Main Links Related Projects

Release Quality
Please see here for complete information.

OWASP Projects Scanned

AntiSamy CSRFGuard CSRFTester DirBuster JBroFuzz Lapse Stinger Webekci WebGoat WebScarab

Non-OWASP projects scanned in MediaWiki, WordPress, and many others. See for details.

Get involved

We need OWASP project leaders to submit their projects for review. We will work with you to upload your project and review the findings, so that we can get each OWASP project to show zero defects.

Please go to to subscribe to the list to contact us. You can post to the mailing list by emailing [1].


Project lead: James Walden Contributors: Maureen Doyle, Grant Welch, Michael Whelan Reviewers: Marco Morano, Alex Fry

Fortify Software has generously made their Source Code Analyzer (SCA) technology available for use by open source projects at

This category currently contains no pages or media.