This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

The Owasp Orizon Framework

From OWASP
Revision as of 21:20, 2 September 2008 by Thesp0nge (talk | contribs)

Jump to: navigation, search

OWASP Code Review Guide Table of Contents

A lot of open source projects exist in the wild performing static code review analysis. This is good, it means that source code testing for security issues is becoming a constraint.

Such tools bring a lot of valuable points:

  • community support
  • source code freely available to anyone
  • costs

On the other side, these tools don't share the most valuable point among them: the security knowledge. All these tools have their own security library with a lot of checks contained into without sharing such knowledge.

In 2006 Owasp Orizon project is born to provide a common underlying layer to all opensource projects concern static analysis.