Tuesday, March 4, 2014

OWASP YASCA Project in need of an interim Project Leader

The OWASP Yasca Project is currently in need of an interim project leader for a 2014 tools based, in-person, working session that will potentially be funded. Yasca is an open source program which looks for security vulnerabilities, code-quality, performance, and conformance to best practices in program source code. It leverages external open source programs, such as FindBugs, PMD, JLint, JavaScript Lint, PHPLint, Cppcheck, ClamAV, RATS, and Pixy to scan specific file types, and also contains many custom scanners developed just for Yasca. It is a command-line tool that generates reports in HTML, CSV, XML, SQLite, and other formats. Yasca is easily extensible via a plugin-based architecture, so scanning any particular file is as simple as coming up with the rules or integrating external tools. Yasca also features a simple regular-expression plugin that allows new rules to be written in less than a minute.
Those interested in this opportunity should familiarize themselves with the OWASP Yasca Project: https://www.owasp.org/index.php/Project_Information:template_Yasca_Project.

For more information about taking up the post as interim leader for the OWASP Yasca Project, contact Samantha Groves (Samantha.Groves@owasp.org.

No comments: