The Owasp Orizon Project

Slides:



Advertisements
Similar presentations
Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the OWASP License. The OWASP.
Advertisements

INTRODUCTION TO JAVAFX CS12420 – Software Development Andrei Stanica (modified ltt)
Lecture plan Information retrieval (from week 11)
Converting S-Plus Applications into R Andy Nicholls
Here’s what we see when we start a new BlueJ “Project”. BlueJ automatically creates a small “readme.txt” file to hold any directions we wish to write about.
Introduction To Java Objectives For Today â Introduction To Java â The Java Platform & The (JVM) Java Virtual Machine â Core Java (API) Application Programming.
November 2003 InterLab Juli Hearn Savannah River Site We-SHARE Web-based Electronic Sharing and Reallocation of Assets.
CSE3030Lecture 11 Know Your User The First Slogan.
Android An open handset alliance project Janice Garcia September 18, 2008 MIS 304.
PHP Scripting Language. Introduction “PHP” is an acronym for “PHP: Hypertext Preprocessor.” It is an interpreted, server-side scripting language. Originally.
PaperCut NG Chris Dance. Copyright © PaperCut Software Pty. Ltd. 2 Overview Overview of PaperCut NG Why we offer a Mac Version The story of our.
This is a work of the U.S. Government and is not subject to copyright protection in the United States. The OWASP Foundation OWASP AppSec DC October 2005.
01 Introduction to Java Technology. 2 Contents History of Java What is Java? Java Platforms Java Virtual Machine (JVM) Java Development Kit (JDK) Benefits.
Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the OWASP License. The OWASP.
These materials are prepared only for the students enrolled in the course Distributed Software Development (DSD) at the Department of Computer.
Chapter 4 Computer Software.
Alfresco – An Open Source Content Management System - Bindu Nayar, Bhavana Mohanraj.
A Free sample background from © 2001 By Default!Slide 1.NET Overview BY: Pinkesh Desai.
Software Reuse Course: # The Johns-Hopkins University Montgomery County Campus Fall 2000 Lecture # 1 - September 7, 2004.
Mohan Kumar Puttasiddaiah
Ruby & rails by Nicholas Belotti. What is ruby Ruby is an object orientated scripting language. In Ruby...everything is an object! Ruby was released in.
Architecture of.NET Framework .NET Framework ٭ Microsoft.NET (pronounced “dot net”) is a software component that runs on the Windows operating.
LO2 Understand the key components used in networking
Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the OWASP License. The OWASP.
4 - 1 Copyright © 2006, The McGraw-Hill Companies, Inc. All rights reserved.
Copyright 2007 © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the OWASP License. The OWASP.
Personalizing the web for multilingual web sources Anil Goud V Lalith Krishna L Dinesh Kumar D.R.
Computer Software Chapter 4 McGraw-Hill/IrwinCopyright © 2011 by The McGraw-Hill Companies, Inc. All rights reserved.
WordFreak A Language Independent, Extensible Annotation Tool.
Lecture 1 Introduction to Java MIT-AITI Ethiopia 2004.
Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the OWASP License. The OWASP.
Introduction to PHP and MySQL Kirkwood Center for Continuing Education By Fred McClurg, © Copyright 2015, Fred McClurg, All Rights.
The HipHop Compiler from Facebook By Megha Gupta & Nikhil Kapoor.
CS527 Topics in Software Engineering (Software Testing and Analysis) Darko Marinov September 9, 2010.
Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the OWASP License. The OWASP.
AutoTester & UAT Automation Framework By SSTZ-UAT.
McGraw-Hill/Irwin Copyright © 2013 by The McGraw-Hill Companies, Inc. All rights reserved. Chapter 4 Computer Software.
Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the OWASP License. The OWASP.
J ava P rogramming: From Problem Analysis to Program Design, From Problem Analysis to Program Design, Second Edition Second Edition D.S. Malik D.S. Malik.
WEEK INTRODUCTION CSC426 SOFTWARE ENGINEERING.
1. An Introduction A Programming Language A Technology Java Development Kit Java API One Language: Three Editions Standard Edition Enterprise Edition.
Converting S-Plus Applications into R Andy Nicholls
Aspect Oriented Security Tim Hollebeek, Ph.D.
Modern Programming Language. Web Container & Web Applications Web applications are server side applications The most essential requirement.
Mobile Testing Overview. Agenda Mobile application quality poses a unique challenge Mobile changes the ALM cycle – Interoperability is unique to mobile.
July 19, 2004Joint Techs – Columbus, OH Network Performance Advisor Tanya M. Brethour NLANR/DAST.
Introduction to 1. What is Java ? Sun Microsystems Java is a programming language and computing platform first released by Sun Microsystems in The.
Android. Android An Open Handset Alliance Project A software platform and operating system for mobile devices Based on the Linux kernel Developed by Google.
Computer System Structures
THE PRESENT AND FUTURE nopCommerce  .
Microsoft Evangelist Presentation
Xamarin Mac application development
Chapter 2: Operating-System Structures
Web Application Security
Introduction to.
Appendix A: Guide to Using Microsoft Project 2002
Jeff Williams OWASP Chair
Introduction Enosis Learning.
October 30th, 2007 Thanks to Mike Perez and Chris Ritchie for the graphic.
OWASP Site Generator Refresh
Introduction Enosis Learning.
GIFT / Fiscal Data Package Iteration 3
August 27th, 2013 #austinjug Thanks to Mike Perez and Chris Ritchie for the graphic.
Tour of OWASP’s projects
Introduction CSC 111.
Java Workflow Tooling (JWT) Release review: JWT v0
How Java Program Executes
Appendix A: Guide to Using Microsoft Project 2002
Graphical Modeling of INFOD applications
Presentation transcript:

The Owasp Orizon Project Paolo Perego, thesp0nge@owasp.org Project Leader

Overview Project started in 2006 Another opensource alternative in source code static analysis Not only a tool but a static analysis framework Completely rewritten in the last 9 months Web exposure boosted after Owasp AppSec NYC’08 last september

Objectives Provide a set of APIs that anyone can use in a source code static analysis tool Provide a set of security checks to be applied to source code Knowledge is open here, so only opensourced security checks will be included Best of breed best practices Owasp Code Review Guide Cigital Java Security Rulepack (http://www.cigital.com/securitypack/view/index.html) Custom written security checks Language independent Use XML as meta-language to describe source code Apply security checks to the XML interpreted language

Status and Future Steps Project reached version 1.0 Now the real fun is going to start Usable To perform basic code reviews To build security tools Fancy Very basic GUI Mac OS X standalone application Near future (end 2008): version 1.2 Security library to be consolidated with more checks GUI improvement Mid term future (2Q 2009): version 1.4 Integration with: Code Crawler (Alessio Marziali) O2 (Dinis Cruz) Java Bytecode security code review

Closing Thanks http://orizon.sourceforge.net thesp0nge@owasp.org 2009, the turning away year Library will be almost complete Standalone application will be released for Win32 and Unix too A network of great security related tools O2 Code Crawler Marketing Blog (http://orizon.sf.net/blog) Twitter usage (check OWASPOrizon user) AppSecs (Poland ‘09, …) Recruiting developers Thanks For the criticisms For the support For believing http://orizon.sourceforge.net thesp0nge@owasp.org

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.