Difference between revisions of "The Owasp Orizon Framework"

Revision as of 21:20, 2 September 2008

OWASP Code Review Guide Table of Contents

A lot of open source projects exist in the wild performing static code review analysis. This is good, it means that source code testing for security issues is becoming a constraint.

Such tools bring a lot of valuable points:

community support
source code freely available to anyone
costs

On the other side, these tools don't share the most valuable point among them: the security knowledge. All these tools have their own security library with a lot of checks contained into without sharing such knowledge.

In 2006 Owasp Orizon project is born to provide a common underlying layer to all opensource projects concern static analysis.

@@ Line 1: / Line 1: @@
+[[OWASP Code Review Guide Table of Contents]]__TOC__
+[[Category:OWASP Code Review Project]]
 A lot of open source projects exist in the wild performing static code review analysis. This is good, it means that source code testing for security issues is becoming a constraint.
-''(continue this evening)''
+Such tools bring a lot of valuable points:
+* community support
+* source code freely available to anyone
+* costs
+On the other side, these tools don't share the most valuable point among them: the security knowledge. All these tools have their own security library with a lot of checks contained into without sharing such knowledge.
+In 2006 Owasp Orizon project is born to provide a common underlying layer to all opensource projects concern static analysis.

Difference between revisions of "The Owasp Orizon Framework"

Revision as of 21:20, 2 September 2008

Navigation menu

Personal tools

Namespaces

Variants

Views

More

Search

Navigation

Reference

Tools