How to Start an OWASP Project
So you want to start a project...
Starting an OWASP Project is easy. You don't have to be an application security expert. You just have to have the drive and desire to make a contribution to the application security community.
Here are some of the guidelines for running a successful OWASP project:
- The best OWASP projects are strategic - they make it easier to produce secure applications by filling a gap in the application security knowledge-base or technology support.
- You can run a single person project, but it's usually best to get the community involved. You should be prepared to support a mailing list, build a team, speak at conferences, and promote your project.
- You can contribute existing documents or tools to OWASP! Assuming you have the intellectual property rights to a work, you can open it to the world as an OWASP Project. Please coordinate this with OWASP by contacting owasp(at)owasp.org.
- You should promote your project through the OWASP channels as well as by outside means. Get people to blog about it!
Creating a new project
Here's the simple process for starting a new OWASP Project.
- Get the following information together:
A – PROJECT
- Project Name,
- Project Purpose,
- Project Leader,
- Project Maintainer,
- Project Contributor(s),
- Conference style presentation that describes the tool in at least 3 slides,
- Project Flyer/Pamphlet (PDF file),
- Project Roadmap,
- Project main links,
B – FIRST RELEASE
- Release Name,
- Release main features,
- Release downloadable file link
- Release License,
- Release Leader,
- Release Contributor(s),
- Release Reviewer,
- Release Mentor (if any),
- Release Sponsor(s) (if any),
- Release Flyer/Pamphlet,
- Release Roadmap,
- Release Main Links,
- Note: For Project Leader, Maintainer, Contributors, Reviewer and Mentor please create a wiki accounts and please send me off the links. See Tutorial and here how to do it and here an example of how it will be used.
- To get your project started, send the info above to the OWASP Global Projects Committee or the OWASP Project Manager directly. We'll review the information and get you set up with a project wiki page, a mailing list, and subscribe you to the OWASP-Leaders list. You'll be part of setting OWASP's direction!
- Check out the Guidelines for OWASP Projects.