This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

OWASP Codes of Conduct

From OWASP
Jump to: navigation, search

Project's Purpose

OWASP needs to take advantage of every opportunity to affect software development everywhere to achieve our mission "to make application security visible so that people and organizations can make informed decisions about application security risks".

At the Summit 2011 in Portugal, the idea was created to try to influence educational institutions, government bodies, standards groups, and trade organizations. We set out to define a set of minimal requirements for these organizations specifying what we believe to be the most effective ways to support our mission. We call these requirements a “code of conduct” to imply that these are normative standards, they represent a minimum baseline, and that they are not difficult to achieve.

This project develops and maintains OWASP Codes of Conduct, and began with those initially created at the following working sessions at the 2011 OWASP Summit:

The Codes of Conduct

The current versions (all now Stable Release Quality) are listed below. See each tab for more project details or read the summary pamphlet (English version PDF and MS Word) and presentation.

OWASP Green Book

The OWASP Application Security Code of Conduct for Government Bodies

Download the current release

v1.18 Release:

Translations

None are currently available.


OWASP Blue Book

The OWASP Application Security Code of Conduct for Educational Institutions

Download the current release

v1.18 Release:

Translations

None are currently available.


OWASP Yellow Book

The OWASP Application Security Code of Conduct for Standards Groups

Download the current release

v1.18 Release:

Translations

None are currently available.


OWASP Purple Book

The OWASP Application Security Code of Conduct for Trade Organizations

Download the current release

v1.18 Release:

Translations

None are currently available. Can you help?


OWASP Red Book

The OWASP Application Security Code of Conduct for Certifying Bodies

Download the current release

v1.18 Release:

Translations

None are currently available.

OWASP Gray Book

The OWASP Application Security Code of Conduct for Development Organizations

Download the current release

v1.18 Release:

Translations

None are currently available.


What's Missing?

What other types of organization might be able to support OWASP's mission? What are the most important things they should do?

Join in the OWASP Codes of Conduct Mailing List with your suggestions and feedback.

Statements of Compliance

The implications and format of any statements of compliance is currently being discussed on the Codes of Conduct Project mailing list. The thread starts here.

Project Details

Click on the other tabs to see project information on each of the codes, including contributors, releases, assessment status and prior versions. All the Codes are discussed on a single shared mailing list. It is free and open.

Licensing

The OWASP Codes of Conduct are free to use. It is licensed under the Creative Commons Attribution-ShareAlike 3.0 license, so you can copy, distribute and transmit the work, and you can adapt it, and use it commercially, but all provided that you attribute the work and if you alter, transform, or build upon this work, you may distribute the resulting work only under the same or similar license to this one.

© OWASP Foundation

Aggregated Book

There is also an aggregated booklet format (English version MS Word) incorporating all six. This is also available to buy at cost printed in colour from Lulu.com.

Codes-of-conduct-lulu-small.jpg

News

Lost? Not What You Were Looking For?

These Codes relate to OWASP's aspirations for other types of organization. If you were looking for OWASP internal strategic and operational policies and processes, you might want to look at some of the following. They are not part of the OWASP Codes of Conduct Project.

Classifications

Owasp-labs-trans-85.png Owasp-builders-small.png
Owasp-breakers-small.png
Cc-button-y-sa-small.png
Project Type Files DOC.jpg

Retrieved from "https://wiki.owasp.org/index.php?title=OWASP_Codes_of_Conduct&oldid=195001"