This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit

Difference between revisions of "Projects/OWASP Code Review Project"

Jump to: navigation, search
Line 14: Line 14:
| project_road_map =
| project_road_map =
| links_url1 = https://
| links_url1 =
| links_name1 = OWASP Code Review Guide's (Version 2.0) Approved Budget
| links_name1 = OWASP Code Review Guide's (Version 2.0) Approved Budget

Revision as of 19:12, 25 August 2010

What does this OWASP project offer you?
What releases are available for this project?
what is this project?
Name: OWASP Code Review Project (home page)
Purpose: The code review guide is currently at release version 1.1 and the second best selling OWASP book in 2008. Many positive comments have been feedback regarding this initial version and believe it’s a key enabler for the OWASP fight against software insecurity. It has even inspired individuals to build tools based on its information. The combination of a book on secure code review and tools to support such an activity is very powerful as it gives the developer community a place to start regarding secure application development.

Going forward I hope to further integrate with the ASVS and other guides such as the testing and ASDR guides shall be perfromed for version 2.0.

License: Creative Commons Attribution Share Alike 3.0
who is working on this project?
Project Leader(s):
how can you learn more?
Project Pamphlet: Not Yet Created
Project Presentation: View
Mailing list: Mailing List Archives
Project Roadmap: View
Main links:
Key Contacts
current release
N/A - Unknown Date - (no download available)
Release description: N/A
Rating: {{:Projects/OWASP Code Review Project/GPC/Assessment/{{{release_name}}} | Release Rating}}
last reviewed release
Code Review Guide V1.1 - 4 January 2009 - (download)
Release description:

This release is an expanded and improved version of the former OWASP Code Review Guide’s RC 2.0 version which contains the following additional and expanded chapters: Transactional Analysis, Threat Modelling and Analysis, Example reports and how to write one, Automated code review, Rich Internet Applications, The OWASP ESAPI, Code review Metrics, Integrating Code review with an existing SDLC.

Rating: Greenlight.pngGreenlight.pngGreenlight.png Stable Release - Assessment Details

other releases