Management of OpenVAS Change RequestsTopSource Code Branches for Stable and In-DevelopmentCode Quality and Code Security

Code Quality and Code Security

Especially as an IT security product, the OpenVAS project is committed to a high level regarding code quality and security. While the code inherited from Nessus certainly left room for improvements in these two aspects, the OpenVAS project is confident in its abilities to mitigate these shortcomings and to further improve code quality and security.

The OpenVAS project makes use of a number of automated tools in order to measure the quality of the codebase and to identify potential issues in the code itself. Tools used by the OpenVAS project include Flawfinder and RATS (Rough Auditing Tool for Security).

The latest results of the code quality tests is available at:

http://www.openvas.org/code-quality.html

Please be aware that you should make yourself familiar with the tools used for generating these results before interpreting the absolute numbers. While every issue reported by these tools is evaluated by the OpenVAS developers, some of the issues reported do not have a significant impact on code quality and security.


Management of OpenVAS Change RequestsTopSource Code Branches for Stable and In-DevelopmentCode Quality and Code Security