How to Start an OWASP Project

Starting an OWASP Project is easy. You don't have to be an application security expert. You just have to have the drive and desire to make a contribution to the application security community.

Here are some of the procedures and guidelines for running a successful OWASP project:


 * The best OWASP projects are strategic - they make it easier to produce secure applications by filling a gap in the application security knowledgebase or technology support.


 * You can run a single person project, but it's usually best to get the community involved. You should be prepared to support a mailing list, build a team, speak at conferences, and promote your project.


 * To get your project started, please contact [mailto:owasp(at)owasp.org OWASP] or its [mailto:paulo.coimbra(at)owasp.org Project Manager] directly. We'll get you set up with a project wiki page, a mailing list, and subscribe you to the OWASP-Leaders list. You'll be part of setting OWASP's direction!


 * You will create a wiki page as the official homepage for your project. It must contain the  tag at the bottom.  It must also be listed in the appropriate category on the OWASP Projects page.


 * Each project page should contain a short description of what the project is about, a link to the project mailing list, contact information for the project leader, and any other information. Screenshots are highly encouraged.


 * You can have as many wiki pages as you want to support your project. Please feel free to create them yourself.  Everything posted on the wiki is reviewed by many people around the world.


 * You can contribute existing documents or tools to OWASP! Assuming you have the intellectual property rights to a work, you can open it to the world as an OWASP Project. Please coordinate this with OWASP by contacting owasp(at)owasp.org.


 * You should promote your project through the OWASP channels as well as by outside means. Get people to blog about it!