OWASP Developer Application Security Pledge

NB: This page is a rough draft of an idea we are working on and should not be used yet

Background
OWASP recognizes that many software developers are doing the hard work to become capable of repeatably producing secure applications. These individuals deserve a way to promote the fact that they are doing the right things.

We have created the "OWASP Personal Application Security Pledge" to recognize these individuals and set a goal for other individuals to strive for.

There is much more that developers can do, but we believe that these are the most critical steps that all individuals should have in place.

Participation
To participate in the OWASP Pledge, please identify yourself and confirm that you are meeting the practices. None of the information from the program will be shared other than aggregate information and metrics.

Once you have taken the pledge, you can use the pledge LOGO to promote the fact that you are taking steps to produce secure software.

The OWASP Developer Application Security Pledge
To demonstrate my commitment to designing, building, and testing applications that are trustworthy enough for my business and its customers, I hereby confirm that:


 * 1. I understand common application security vulnerabilities.
 * (training top10)


 * 2. I understand the threat model and verify security requirements before coding.


 * 3. I use standard security mechanisms and patterns whenever possible.


 * 4. I test my code for common application security vulnerabilities


 * 5.