The Owasp Orizon Framework

Revision as of 21:20, 2 September 2008 by Thesp0nge (talk | contribs)

OWASP Code Review Guide Table of Contents

A lot of open source projects in the wild perform static code review analysis. This is good: it means that testing source code for security issues is becoming a requirement.

Such tools offer several advantages:

  • community support
  • source code freely available to anyone
  • cost

On the other hand, these tools do not share the most valuable asset among them: security knowledge. Each tool has its own security library containing a lot of checks, and none of that knowledge is shared with the others.

In 2006 the OWASP Orizon project was born to provide a common underlying layer for all open source projects concerned with static analysis.