OWASP 2014 Project Handbook Overview

Overview

Projects are one of the primary methods by which OWASP strives to achieve its mission, which is to make application security more visible. OWASP Projects provide a community based, online platform that allows Project Leaders the opportunity to freely test ideas and theories in an open environment. Leaders are able to leverage the OWASP brand, and the help of a dedicated OWASP Project Manager to guide development. The goal of an OWASP Project is to create a concrete deliverable - such as a document, a tool, or a code library - that furthers the OWASP mission. OWASP Projects are divided into the following major categories:

• Documentation Projects: These projects seek to communicate information or raise awareness about a topic in

application security. Note that documentation projects can take any media form (e.g. CBT, videos, games, etc.) and are not limited to a print deliverable.

• Tool Projects: Tool projects aim to create software that enables users to test, detect, protect, or educate

themselves using a facet of application security.

• Code Library Projects: These projects provide libraries/frameworks that can be leveraged by developers to

enhance the security of their applications.

• Operational Projects: These projects are a bit different than the types above. They were created to offer

OWASP operational support. Some examples of operational projects include the OWASP Media Project whose contributors work on managing the OWASP YouTube channel along with working towards developing media content for the Foundation.

As with all OWASP groups, OWASP Projects are driven by volunteers, and they are open to everyone. This means that anyone can lead a project, anyone can contribute to a project, and anyone can use a project. This handbook is meant to be the primary reference for OWASP Project Leaders, and it should serve as a useful starting point for anyone that wishes to start their own project within the OWASP organization.