Category:OWASP Security Ninjas AppSec Training Program

=Main=



{| style="padding: 0;margin:0;margin-top:10px;text-align:left;" |-
 * valign="top" style="border-right: 1px dotted gray;padding-right:25px;" |

Instructions are in RED text and should be removed from your document by deleting the text with the span tags. This document is intended to serve as an example of what is required of an OWASP project wiki page. The text in red serves as instructions, while the text in black serves as an example. Text in black is expected to be replaced entirely with information specific to your OWASP project.

OWASP Security Ninjas
An AppSec Training Program. The training program slide deck covers the OWASP Top10 vulnerabilities and some general security best practices. The hands-on training lab consists of 10 fun real world like hacking exercises corresponding to OWASP Top10.

Description
This is where you need to add your more robust project description. A project description should outline the purpose of the project, how it is used, and the value it provides to application security. Ideally, project descriptions should be written in such a way that there is no question what value the project provides to the software security community. This section will be seen and used in various places within the Projects Portal. Poorly written project descriptions therefore detract from a project’s visibility, so project leaders should ensure that the description is meaningful.

Licensing
This program is free software: you can redistribute it and/or modify it under the terms of the MIT License..


 * valign="top" style="padding-left:25px;width:200px;border-right: 1px dotted gray;padding-right:25px;" |

Project Resources
This is where you can link to the key locations for project files, including setup programs, the source code repository, online documentation, a Wiki Home Page, threaded discussions about the project, and Issue Tracking system, etc.

Slide Deck

Source Code

Docker repo and instructions

Project Leader
[Mailto:shruti.gupta@owasp.org Shruti Gupta]

Related Projects
This is where you can link to other OWASP Projects that are similar to yours.

Classifications

 * valign="top" style="padding-left:25px;width:200px;" |

News and Events
This is where you can provide project updates, links to any events like conference presentations, Project Leader interviews, case studies on successful project implementations, and articles written about your project.


 * }

=FAQs=

Many projects have "Frequently Asked Questions" documents or pages. However, the point of such a document is not the questions. The point of a document like this are the answers. The document contains the answers that people would otherwise find themselves giving over and over again. The idea is that rather than laboriously compose and post the same answers repeatedly, people can refer to this page with pre-prepared answers. Use this space to communicate your projects 'Frequent Answers.'

= Acknowledgements =

Volunteers
The success of OWASP is due to a community of enthusiasts and contributors that work to make our projects great. This is also true for the success of your project. Be sure to give credit where credit is due, no matter how small! This should be a brief list of the most amazing people involved in your project. Be sure to provide a link to a complete list of all the amazing people in your project's community as well.

The first contributors to the project were:


 * [mailto:shruti.gupta@owasp.org Shruti Gupta] Shrute Gupta] who created the OWASP Cornucopia project that the template was derived from

= Road Map and Getting Involved =

A project roadmap is the envisioned plan for the project. The purpose of the roadmap is to help others understand where the project is going as well as areas that volunteers may contribute. It gives the community a chance to understand the context and the vision for the goal of the project. Additionally, if a project becomes inactive, or if the project is abandoned, a roadmap can help ensure a project can be adopted and continued under new leadership. Roadmaps vary in detail from a broad outline to a fully detailed project charter. Generally speaking, projects with detailed roadmaps have tended to develop into successful projects. Some details that leaders may consider placing in the roadmap include: envisioned milestones, planned feature enhancements, essential conditions, project assumptions, development timelines, etc. You are required to have at least 4 milestones for every year the project is active.

Roadmap
The project is 100% complete. I just open sourced it this week and got incredible responses. It was the top post on the security subreddit (www.reddit.com/r/netsec). See screenshot here: https://s3.amazonaws.com/uploads.hipchat.com/56752/780760/3x4fL62dXpumdQd/upload.png. Got lots of responses and downloads. People suggested that I make this an OWASP Project to help organizations and developers save time and money spent on AppSec Training. I think it would be able to benefit the community even more if it were an OWASP project. I could even improve the training further based on the feedback/ requests. The good thing about it is that its fully complete, doesn't and wouldn't need any funding, practically very easy and convenient to run, and scale up to hundreds and thousands of trainees.

You can read the full blog.

Getting Involved
=Minimum Viable Product= I already have the deliverables 100% ready:

The Application Security Training Program consists of a slide deck which is here

and the Source Code can be found here

It is fastest (takes less than 10 seconds to deploy and run) to setup and run the hands on lab in a Docker container. The docker repo and instructions are here