This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "Project Information:template Source Code Review OWASP Projects - Final Review - First Reviewer - D"

From OWASP
Jump to: navigation, search
 
Line 54: Line 54:
 
2. Having into consideration the [[:Category:OWASP Project Assessment|OWASP Project Assessment Methodology]] which criteria, if any, haven’t been fulfilled in terms of '''Beta Quality''' status?
 
2. Having into consideration the [[:Category:OWASP Project Assessment|OWASP Project Assessment Methodology]] which criteria, if any, haven’t been fulfilled in terms of '''Beta Quality''' status?
 
  | colspan="2" style="width:75%; background:#cccccc" align="left"|
 
  | colspan="2" style="width:75%; background:#cccccc" align="left"|
The project leads state that documentation needs to be expanded and links added to the code review guide.
+
All Beta criteria are fulfilled.
 
  |-  
 
  |-  
 
  | style="width:25%; background:#7B8ABD" align="center"|  
 
  | style="width:25%; background:#7B8ABD" align="center"|  
 
3. Having into consideration the [[:Category:OWASP Project Assessment|OWASP Project Assessment Methodology]] which criteria, if any, haven’t been fulfilled in terms of '''Release Quality''' status?
 
3. Having into consideration the [[:Category:OWASP Project Assessment|OWASP Project Assessment Methodology]] which criteria, if any, haven’t been fulfilled in terms of '''Release Quality''' status?
 
  | colspan="2" style="width:75%; background:#cccccc" align="left"|
 
  | colspan="2" style="width:75%; background:#cccccc" align="left"|
The project leads intend to add the OWASP EU Summit presentation to fulfill that requirement once it's ready.   
+
The OWASP EU Summit presentation has been uploaded to fulfill that requirement.   
 
  |-   
 
  |-   
 
  | style="width:25%; background:#7B8ABD" align="center"|
 
  | style="width:25%; background:#7B8ABD" align="center"|
 
4. Please do use the right hand side column to provide advice and make work suggestions.
 
4. Please do use the right hand side column to provide advice and make work suggestions.
 
  | colspan="2" style="width:75%; background:#cccccc" align="left"|
 
  | colspan="2" style="width:75%; background:#cccccc" align="left"|
More OWASP project leaders need to integrate security into the Software Life Cycle.  A "lead with a tool" approach, using a static analysis tool, is a good way to start. This type of approach also enhances other complementary software assurance activities, e.g., bug tracking and testing. Participation and feedback from these efforts will help inform this process and make it an integral part of the OWASP SDL.
+
All work has been completed 100%.
 
|}
 
|}

Latest revision as of 17:44, 22 December 2008

Clik here to return to the previous page.

FINAL REVIEW
PART I

Project Deliveries & Objectives

OWASP Source Code Review OWASP-Projects Project's Deliveries & Objectives

QUESTIONS ANSWERS

1. At what extent have the project deliveries & objectives been accomplished? Having in consideration the assumed ones, please exemplify writing down those of them that haven't been realised.

The major project objectives have been accomplished:

  1. Verified that the workflow for introducing static analysis into OWASP projects has been created.
  2. Verified that 10 OWASP projects have been submitted to be analyzed on the owasp.fortify.com site to establish an OWASP baseline.
  3. Verified that the project has submitted the 25 most popular open source PHP projects to be analyzed on the owasp.fortify.com site to establish an open source baseline.

2. At what extent have the project deliveries & objectives been accomplished? Having in consideration the assumed ones, please quantify in terms of percentage.

  1. Workflow for introducing static analysis into OWASP projects (100%).
  2. Analyzed 10 OWASP projects (100%).
  3. Analyzed 25 most popular open source PHP projects on owasp.fortify.com (100%).

3. Please do use the right hand side column to provide advice and make work suggestions.

N/A

PART II

Assessment Criteria

OWASP Project Assessment Criteria

QUESTIONS ANSWERS

1. Having into consideration the OWASP Project Assessment Methodology which criteria, if any, haven’t been fulfilled in terms of Alpha Quality status?

All Alpha criteria are fulfilled.

2. Having into consideration the OWASP Project Assessment Methodology which criteria, if any, haven’t been fulfilled in terms of Beta Quality status?

All Beta criteria are fulfilled.

3. Having into consideration the OWASP Project Assessment Methodology which criteria, if any, haven’t been fulfilled in terms of Release Quality status?

The OWASP EU Summit presentation has been uploaded to fulfill that requirement.

4. Please do use the right hand side column to provide advice and make work suggestions.

All work has been completed 100%.

Retrieved from "https://wiki.owasp.org/index.php?title=Project_Information:template_Source_Code_Review_OWASP_Projects_-_Final_Review_-_First_Reviewer_-_D&oldid=49763"