Difference between revisions of "AppSecNews Curation"

Jump to: navigation, search
m (Curators)
(Become a Curator)
Line 35: Line 35:
=Become a Curator=
=Become a Curator=
Please contact michael.coates@owasp.org
Please contact michael.coates@owasp.org
* We'll review your RSS feed for the past 3 months to determine if it is a good fit based on the above criteria
* Previous involvement and standing within OWASP is required
* Previous involvement and standing within OWASP is required

Revision as of 17:16, 9 September 2013


Provide information on curation of the OWASP App Sec News RSS

Main OWASP RSS Feed Link

See OWASP App Sec News RSS


List of RSS news feed curators: To determine who posted a story you can check the individual RSS streams that feed into the OWASP RSS feed

Guidance for Story Inclusion

  1. Relevant - Related to AppSec OR OWASP
  2. No product/company pitches - Not a story touting a product, service, or company
    • In general, even an ad or solicitation at the bottom of an article will eliminate the article from inclusion
  3. Focus on application security
    • Not related to network security or OS security
    • Not related to malware unless AppSec specific
  4. Quality - Well written (Even introductory material if written interestingly)
    • In some cases quality of writing is not a concern if the material is new and novel
  5. Primary Source - When possible link to the original story, not someone rehashing or relinking
  6. Broad Impact - Avoid items that apply to a very specific technology and situation (e.g. implementing validation with Spring annotations) – unless there’s a broader reason.
  7. Not an exploit / 0-day News Stream for particular sites / companies
    • No exploits of specific apps / site
    • Broad reaching weaknesses in frameworks, libraries, etc are ok to inlcude


OWASP uses feedblitz to build the RSS stream which splices together multiple inbound RSS streams from vetted curators

Become a Curator

Please contact michael.coates@owasp.org

  • Previous involvement and standing within OWASP is required