This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "Project Information:Sqlibench - Final Review - First Reviewer - D"

From OWASP
Jump to: navigation, search
(New page: Clik here to return to the previous page. {| style="width:100%" border="0" align="center" ! colspan="3" align="center" style="background:#4058A0; col...)
 
 
(3 intermediate revisions by the same user not shown)
Line 15: Line 15:
 
1. At what extent have the project deliveries & objectives been accomplished?  Having in consideration [[OWASP Summer of Code 2008 Applications - Need Futher Clarifications#SQL_Injector_Benchmarking_Project_.28SQLiBENCH.29|'''the assumed ones''']], please exemplify writing down those of them that haven't been realised.
 
1. At what extent have the project deliveries & objectives been accomplished?  Having in consideration [[OWASP Summer of Code 2008 Applications - Need Futher Clarifications#SQL_Injector_Benchmarking_Project_.28SQLiBENCH.29|'''the assumed ones''']], please exemplify writing down those of them that haven't been realised.
 
  | colspan="2" style="width:75%; background:#cccccc" align="left"|
 
  | colspan="2" style="width:75%; background:#cccccc" align="left"|
 +
The project reached its objectives. There were some optional features such as videos, integrating OWASP site generator etc. However I don't think these actually effects the overall outcome and the main objectives of the project. Also there were some nice additions to the project such as online version of the results in an interactively browsable way, really detailed documentation (with screenshots and everything), results in one nice PDF matrix, XML output, quite tidy Google Code Project Page etc.
 
  |-
 
  |-
 
  | style="width:25%; background:#7B8ABD" align="center"|  
 
  | style="width:25%; background:#7B8ABD" align="center"|  
 
2. At what extent have the project deliveries & objectives been accomplished?  Having in consideration [[OWASP Summer of Code 2008 Applications - Need Futher Clarifications#SQL_Injector_Benchmarking_Project_.28SQLiBENCH.29|'''the assumed ones''']], please quantify in terms of percentage.
 
2. At what extent have the project deliveries & objectives been accomplished?  Having in consideration [[OWASP Summer of Code 2008 Applications - Need Futher Clarifications#SQL_Injector_Benchmarking_Project_.28SQLiBENCH.29|'''the assumed ones''']], please quantify in terms of percentage.
 
  | colspan="2" style="width:75%; background:#cccccc" align="left"|
 
  | colspan="2" style="width:75%; background:#cccccc" align="left"|
 +
The project deliveries and objectives completed 100%.
 
  |-  
 
  |-  
 
|-
 
|-
Line 24: Line 26:
 
3. Please do use the right hand side column to provide advice and make work suggestions.
 
3. Please do use the right hand side column to provide advice and make work suggestions.
 
  | colspan="2" style="width:75%; background:#cccccc" align="left"|
 
  | colspan="2" style="width:75%; background:#cccccc" align="left"|
 +
I think keeping vulnerable applications source code in the SVN repository can make life easier for everyone, although it's not that important since there is a nice package to download.
 
  |-  
 
  |-  
 
  | style="width:25%; background:white" align="center"|'''PART II'''  
 
  | style="width:25%; background:white" align="center"|'''PART II'''  
Line 39: Line 42:
 
1. Having into consideration the [[:Category:OWASP Project Assessment|OWASP Project Assessment Methodology]] which criteria, if any, haven’t been fulfilled in terms of '''Alpha Quality''' status?
 
1. Having into consideration the [[:Category:OWASP Project Assessment|OWASP Project Assessment Methodology]] which criteria, if any, haven’t been fulfilled in terms of '''Alpha Quality''' status?
 
  | colspan="2" style="width:75%; background:#cccccc" align="left"|
 
  | colspan="2" style="width:75%; background:#cccccc" align="left"|
 +
None
 
  |-
 
  |-
 
  | style="width:25%; background:#7B8ABD" align="center"|  
 
  | style="width:25%; background:#7B8ABD" align="center"|  
 
2. Having into consideration the [[:Category:OWASP Project Assessment|OWASP Project Assessment Methodology]] which criteria, if any, haven’t been fulfilled in terms of '''Beta Quality''' status?
 
2. Having into consideration the [[:Category:OWASP Project Assessment|OWASP Project Assessment Methodology]] which criteria, if any, haven’t been fulfilled in terms of '''Beta Quality''' status?
 
  | colspan="2" style="width:75%; background:#cccccc" align="left"|
 
  | colspan="2" style="width:75%; background:#cccccc" align="left"|
 +
Since this project is different than 'a tool', it requires slightly different approach to asses. Such as where to put an 'about box' or 'help'. In interactive criteria interface?, into the documents? or into the vulnerable application itself?  Like there is no single installer but there is really well documented process to follow. Overall I believe that the application is got more than Beta Quality.
 +
 +
 +
 +
 
  |-  
 
  |-  
 
  | style="width:25%; background:#7B8ABD" align="center"|  
 
  | style="width:25%; background:#7B8ABD" align="center"|  
 
3. Having into consideration the [[:Category:OWASP Project Assessment|OWASP Project Assessment Methodology]] which criteria, if any, haven’t been fulfilled in terms of '''Release Quality''' status?
 
3. Having into consideration the [[:Category:OWASP Project Assessment|OWASP Project Assessment Methodology]] which criteria, if any, haven’t been fulfilled in terms of '''Release Quality''' status?
 
  | colspan="2" style="width:75%; background:#cccccc" align="left"|
 
  | colspan="2" style="width:75%; background:#cccccc" align="left"|
 +
Beta Quality comments apply to here as well. As far as I know there are some presentations regarding the whole project within the OWASP Turkey Chapter although I couldn't find them in Google Code downloads. As soon as the project page updated with all related documents and user friendly introduction to the project (a summary and easy access to up to date results/matrix) it'll reach the OWASP's Release Quality.
 
  |-   
 
  |-   
 
  | style="width:25%; background:#7B8ABD" align="center"|
 
  | style="width:25%; background:#7B8ABD" align="center"|
 
4. Please do use the right hand side column to provide advice and make work suggestions.  
 
4. Please do use the right hand side column to provide advice and make work suggestions.  
 
  | colspan="2" style="width:75%; background:#cccccc" align="left"|
 
  | colspan="2" style="width:75%; background:#cccccc" align="left"|
 +
I assume this will be done after the reviews get finished, but for the records "Update the project page."
 
|}
 
|}

Latest revision as of 19:48, 4 November 2008

.

50% REVIEW PROCESS

Project Deliveries & Objectives

Sqlibench Project's Deliveries & Objectives

QUESTIONS ANSWERS

1. At what extent have the project deliveries & objectives been accomplished? Having in consideration the assumed ones, please exemplify writing down those of them that haven't been realised.

The project reached its objectives. There were some optional features such as videos, integrating OWASP site generator etc. However I don't think these actually effects the overall outcome and the main objectives of the project. Also there were some nice additions to the project such as online version of the results in an interactively browsable way, really detailed documentation (with screenshots and everything), results in one nice PDF matrix, XML output, quite tidy Google Code Project Page etc.

2. At what extent have the project deliveries & objectives been accomplished? Having in consideration the assumed ones, please quantify in terms of percentage.

The project deliveries and objectives completed 100%.

3. Please do use the right hand side column to provide advice and make work suggestions.

I think keeping vulnerable applications source code in the SVN repository can make life easier for everyone, although it's not that important since there is a nice package to download.

PART II

Assessment Criteria

OWASP Project Assessment Criteria

QUESTIONS ANSWERS

1. Having into consideration the OWASP Project Assessment Methodology which criteria, if any, haven’t been fulfilled in terms of Alpha Quality status?

None

2. Having into consideration the OWASP Project Assessment Methodology which criteria, if any, haven’t been fulfilled in terms of Beta Quality status?

Since this project is different than 'a tool', it requires slightly different approach to asses. Such as where to put an 'about box' or 'help'. In interactive criteria interface?, into the documents? or into the vulnerable application itself? Like there is no single installer but there is really well documented process to follow. Overall I believe that the application is got more than Beta Quality.



3. Having into consideration the OWASP Project Assessment Methodology which criteria, if any, haven’t been fulfilled in terms of Release Quality status?

Beta Quality comments apply to here as well. As far as I know there are some presentations regarding the whole project within the OWASP Turkey Chapter although I couldn't find them in Google Code downloads. As soon as the project page updated with all related documents and user friendly introduction to the project (a summary and easy access to up to date results/matrix) it'll reach the OWASP's Release Quality.

4. Please do use the right hand side column to provide advice and make work suggestions.

I assume this will be done after the reviews get finished, but for the records "Update the project page."