This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
SpoC 007 - Owasp Orizon Project
From OWASP
Revision as of 10:36, 13 July 2007 by Thesp0nge (talk | contribs) (New page: === News === 13<sup>th</sup> July 2007 - The project status as Spoc 2007 start is summarized in the following: <ul> <li>java sources are translated into XML using JDK6 APIs;</li> <li>Orizo...)
News
13th July 2007 - The project status as Spoc 2007 start is summarized in the following:
- java sources are translated into XML using JDK6 APIs;
- Orizon classes are in a refactoring stage in order to reflect a better approach in design phase;
- library containing checks is now a Zip file instead of a plain XML file. The library file will contain "receipts", XML files containing security checks grouped by category.
What is missing by now is some checks. I'm looking the web in order to collect "coding best practices" and trying to formalize them in XML.
Next actions
| Id | Description | Priority | Blocking? |
|---|---|---|---|
| OR-1 | Collecting safe coding best practices | High | No |
| OR-2 | Creating APIs for XML reports | Low | No |
| OR-3 | Creating code to handle dynamic test cases generation | Medium | No |
SpoC 2007 Goals
| Goal | Completeness (%) | Included in Orizon release | Estimated inclusion time |
|---|---|---|---|
| Dynamic analysis | 0% | 0.75 | August 2007 (late, may be around 28-30) |
| Creating a library with 30 checks included | 5% | 0.80 | September 2007 (mid of) |
| Support for C language | 0% | 0.80 | September 2007 (mid of) |
| Capability to export results in XML with customizable CSS | 0% | 0.90 | October 2007 |
