Working Sessions Projects Code Review Guide

Working Sessions Operational Rules - Please see here the general frame of rules.

WORKING SESSION IDENTIFICATION
Work Session Name	OWASP Projects: Code Review Guide
Short Work Session Description
Related Projects (if any)
Email Contacts & Roles	Chair Eoin Keary	Secretary	Mailing list Subscription Page

WORKING SESSION SPECIFICS
Objectives	Major enhancements: Introduction to be re-written Approach to code review (Risk based approach)to be re-written, re designed Examples by Vulnerability and Technical control to be expanded and refined Common Numbering nomenclature to be used Cross reference to TG and ASVS to be done New sections on tools to be introduced Expand technology specific sections Section on RIA (Rich Internet applications) to be introduced WebServices section to be refined Malware and rootkit sections to be introduced PCI section to be rewritten with more x-reference to other guides Other ideas: ESAPI section: how to review OWASP ESAPI implementations? Risk based approach Vs ASVS levels Threat modeling and Triage chapters to be revised OWASP O2 section on O2 rules definition, development Crawling code: Additional search vectors to be added Section on Code Crawler, quick start & configuration guide
Venue/Date&Time/Model	Venue OWASP Global Summit Portugal 2011	Date&Time	Discussion Model "Participants + Attendees"

WORKING SESSION OPERATIONAL RESOURCES
Projector, whiteboards, markers, Internet connectivity, power

WORKING SESSION ADDITIONAL DETAILS
Related resources: Frameworks to invite:

WORKING SESSION OUTCOMES
Statements, Initiatives or Decisions	Proposed by Working Group	Approved by OWASP Board
		After the Board Meeting - fill in here.
		After the Board Meeting - fill in here.

Working Session Participants

(Add you name by editing this table. On your the right, just above the this frame, you have the option to edit)


Name	Company	Notes & reason for participating, issues to be discussed/addressed

If needed add here more lines.