Presentation is loading. Please wait.

Presentation is loading. Please wait.

The Owasp Orizon Project

Published by翊 宦 Modified over 6 years ago

Similar presentations

Presentation on theme: "The Owasp Orizon Project"— Presentation transcript:

1 The Owasp Orizon Project
Paolo Perego, Project Leader

2 Overview Project started in 2006
Another opensource alternative in source code static analysis Not only a tool but a static analysis framework Completely rewritten in the last 9 months Web exposure boosted after Owasp AppSec NYC’08 last september

3 Objectives Provide a set of APIs that anyone can use in a source code static analysis tool Provide a set of security checks to be applied to source code Knowledge is open here, so only opensourced security checks will be included Best of breed best practices Owasp Code Review Guide Cigital Java Security Rulepack ( Custom written security checks Language independent Use XML as meta-language to describe source code Apply security checks to the XML interpreted language

4 Status and Future Steps
Project reached version 1.0 Now the real fun is going to start Usable To perform basic code reviews To build security tools Fancy Very basic GUI Mac OS X standalone application Near future (end 2008): version 1.2 Security library to be consolidated with more checks GUI improvement Mid term future (2Q 2009): version 1.4 Integration with: Code Crawler (Alessio Marziali) O2 (Dinis Cruz) Java Bytecode security code review

5 Closing Thanks http://orizon.sourceforge.net thesp0nge@owasp.org
2009, the turning away year Library will be almost complete Standalone application will be released for Win32 and Unix too A network of great security related tools O2 Code Crawler Marketing Blog ( Twitter usage (check OWASPOrizon user) AppSecs (Poland ‘09, …) Recruiting developers Thanks For the criticisms For the support For believing

Download ppt "The Owasp Orizon Project"

Similar presentations

Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the OWASP License. The OWASP.

Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the OWASP License. The OWASP.
INTRODUCTION TO JAVAFX CS12420 – Software Development Andrei Stanica (modified ltt)

INTRODUCTION TO JAVAFX CS12420 – Software Development Andrei Stanica (modified ltt)
Lecture plan Information retrieval (from week 11)

Lecture plan Information retrieval (from week 11)
Converting S-Plus Applications into R Andy Nicholls

Converting S-Plus Applications into R Andy Nicholls
Here’s what we see when we start a new BlueJ “Project”. BlueJ automatically creates a small “readme.txt” file to hold any directions we wish to write about.

Here’s what we see when we start a new BlueJ “Project”. BlueJ automatically creates a small “readme.txt” file to hold any directions we wish to write about.
Introduction To Java Objectives For Today â Introduction To Java â The Java Platform & The (JVM) Java Virtual Machine â Core Java (API) Application Programming.

Introduction To Java Objectives For Today â Introduction To Java â The Java Platform & The (JVM) Java Virtual Machine â Core Java (API) Application Programming.
November 2003 InterLab 2003 -- Juli Hearn Savannah River Site We-SHARE Web-based Electronic Sharing and Reallocation of Assets.

November 2003 InterLab Juli Hearn Savannah River Site We-SHARE Web-based Electronic Sharing and Reallocation of Assets.
CSE3030Lecture 11 Know Your User The First Slogan.

CSE3030Lecture 11 Know Your User The First Slogan.
Android An open handset alliance project Janice Garcia September 18, 2008 MIS 304.

Android An open handset alliance project Janice Garcia September 18, 2008 MIS 304.
PHP Scripting Language. Introduction “PHP” is an acronym for “PHP: Hypertext Preprocessor.” It is an interpreted, server-side scripting language. Originally.

PHP Scripting Language. Introduction “PHP” is an acronym for “PHP: Hypertext Preprocessor.” It is an interpreted, server-side scripting language. Originally.
PaperCut NG Chris Dance. Copyright © 2006 - PaperCut Software Pty. Ltd. 2 Overview Overview of PaperCut NG Why we offer a Mac Version The story of our.

PaperCut NG Chris Dance. Copyright © PaperCut Software Pty. Ltd. 2 Overview Overview of PaperCut NG Why we offer a Mac Version The story of our.
This is a work of the U.S. Government and is not subject to copyright protection in the United States. The OWASP Foundation OWASP AppSec DC October 2005.

This is a work of the U.S. Government and is not subject to copyright protection in the United States. The OWASP Foundation OWASP AppSec DC October 2005.
01 Introduction to Java Technology. 2 Contents History of Java What is Java? Java Platforms Java Virtual Machine (JVM) Java Development Kit (JDK) Benefits.

01 Introduction to Java Technology. 2 Contents History of Java What is Java? Java Platforms Java Virtual Machine (JVM) Java Development Kit (JDK) Benefits.
Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the OWASP License. The OWASP.

Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the OWASP License. The OWASP.
110-01-12 These materials are prepared only for the students enrolled in the course Distributed Software Development (DSD) at the Department of Computer.

These materials are prepared only for the students enrolled in the course Distributed Software Development (DSD) at the Department of Computer.
Chapter 4 Computer Software.

Chapter 4 Computer Software.
Alfresco – An Open Source Content Management System - Bindu Nayar, Bhavana Mohanraj.

Alfresco – An Open Source Content Management System - Bindu Nayar, Bhavana Mohanraj.
A Free sample background from www.powerpointbackgrounds.com © 2001 By Default!Slide 1.NET Overview BY: Pinkesh Desai.

A Free sample background from © 2001 By Default!Slide 1.NET Overview BY: Pinkesh Desai.
Software Reuse Course: # 605.703. The Johns-Hopkins University Montgomery County Campus Fall 2000 Lecture # 1 - September 7, 2004.

Software Reuse Course: # The Johns-Hopkins University Montgomery County Campus Fall 2000 Lecture # 1 - September 7, 2004.
Mohan Kumar Puttasiddaiah

Mohan Kumar Puttasiddaiah

Similar presentations

Ads by Google