This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "OWASP Code Review Project Roadmap"
(Reverting to last version not containing links to s1.shard.jp) |
m (Reverted edits by Micheal w s mcnamee (talk) to last revision by Paulo Coimbra) |
||
| (2 intermediate revisions by 2 users not shown) | |||
| Line 7: | Line 7: | ||
1. Looking at each attack type and examine the anti-pattern associated with the vulnerability which makes the attack possible. This shall include code examples to guide a reviewer on what to look for. | 1. Looking at each attack type and examine the anti-pattern associated with the vulnerability which makes the attack possible. This shall include code examples to guide a reviewer on what to look for. | ||
| − | 2. Looking at the code review process, how it is managed and challanges one may encounter when performing code review in the "real world" | + | 2. Looking at the code review process, how it is managed and challanges one may encounter when performing code review in the "real world". |
| − | 3. Looking at the code review tools available and discussing the benefits and issues of using tools | + | 3. Looking at the code review tools available and discussing the benefits and issues of using tools. |
| + | 4. See also [[Projects/OWASP Code Review Project/Releases/Code Review Guide V2.0/Roadmap|Code Review Guide V2.0's Roadmap]]. | ||
| + | |||
[[Category:OWASP Code Review Project]] | [[Category:OWASP Code Review Project]] | ||
Latest revision as of 12:08, 21 November 2012
The project's overall goal is to...
be a reference document for the purpose of performing code review. This project shall provide examples in the most common web application development languages (Java and C# .NET)
In the near term, we are focused on the following tactical goals...
1. Looking at each attack type and examine the anti-pattern associated with the vulnerability which makes the attack possible. This shall include code examples to guide a reviewer on what to look for.
2. Looking at the code review process, how it is managed and challanges one may encounter when performing code review in the "real world".
3. Looking at the code review tools available and discussing the benefits and issues of using tools.
4. See also Code Review Guide V2.0's Roadmap.
