Strengthening software security of Odoo: an integrated approach using Semgrep with rule-based modification and optimization
This thesis presents an integrated approach to strengthening the software security of Odoo, a popular open-source ERP and CRM system. The methodology combines risk analysis based on the CIA triad, static code analysis using the open-source tool Semgrep, rule modification, and an efficient algorithm for duplicate rule detection based on M. Legast's thesis. The research aims to enhance the identification and mitigation of security flaws within the Odoo software and to contribute to the field of software security. The insights gained from this research have the potential to apply not only to Odoo but also to other software systems, facilitating the development of more secure and resilient applications by improving rule creation and security flaw detection.