This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "OWASP Codes of Conduct"
Mark.bristow (talk | contribs) |
(Gray book added / Fixed tabs) |
||
Line 1: | Line 1: | ||
− | + | = Main = | |
===Project's Purpose === | ===Project's Purpose === | ||
Line 105: | Line 105: | ||
None are currently available. | None are currently available. | ||
− | | style="background:# | + | | style="background:#cccccc" | |
− | == | + | == OWASP Gray Book == |
+ | |||
+ | ''The OWASP Application Security Code of Conduct for Development Organizations'' | ||
+ | |||
+ | '''Download the current release''' | ||
+ | |||
+ | v0.50 draft: | ||
+ | |||
+ | * [[Media:OWASP_Gray_Book-Development_Organizations.pdf|English version PDF]] | ||
+ | * [[Media:OWASP_Gray_Book-Development_Organizations.docx|English version MS Word]] | ||
+ | |||
+ | '''Translations''' | ||
+ | |||
+ | None are currently available. | ||
+ | |||
+ | |||
+ | |||
+ | |} | ||
+ | |||
+ | === <div id="missing">What's missing?</div> === | ||
What other types of organization might be able to support OWASP's mission? What are the most important things they should do? | What other types of organization might be able to support OWASP's mission? What are the most important things they should do? | ||
Join in the [https://lists.owasp.org/mailman/listinfo/owasp-codes-of-conduct OWASP Codes of Conduct Mailing List] with your suggestions and feedback. | Join in the [https://lists.owasp.org/mailman/listinfo/owasp-codes-of-conduct OWASP Codes of Conduct Mailing List] with your suggestions and feedback. | ||
− | |||
− | |||
=== <div id="compliance">Statements of Compliance</div> === | === <div id="compliance">Statements of Compliance</div> === | ||
Line 145: | Line 162: | ||
− | + | = Government Bodies = | |
{{:Projects/The OWASP "Green Book" | Project About}} | {{:Projects/The OWASP "Green Book" | Project About}} | ||
− | + | = Educational Institutions = | |
{{:Projects/The OWASP "Blue Book" | Project About}} | {{:Projects/The OWASP "Blue Book" | Project About}} | ||
− | + | = Standards Groups = | |
{{:Projects/The OWASP "Yellow Book" | Project About}} | {{:Projects/The OWASP "Yellow Book" | Project About}} | ||
− | + | =Trade Organizations = | |
{{:Projects/The OWASP "Purple Book" | Project About}} | {{:Projects/The OWASP "Purple Book" | Project About}} | ||
− | + | = Certifying Bodies = | |
{{:Projects/The OWASP "Red Book" | Project About}} | {{:Projects/The OWASP "Red Book" | Project About}} | ||
+ | |||
+ | = Development Organizations = | ||
+ | {{:Projects/The OWASP "Gray Book" | Project About}} | ||
<!---==== Project About ==== | <!---==== Project About ==== |
Revision as of 08:29, 23 February 2012
- Main
- Government Bodies
- Educational Institutions
- Standards Groups
- Trade Organizations
- Certifying Bodies
- Development Organizations
Project's Purpose
OWASP needs to take advantage of every opportunity to affect software development everywhere to achieve our mission "to make application security visible so that people and organizations can make informed decisions about application security risks"
At the Summit 2011 in Portugal, the idea was created to try to influence educational institutions, government bodies, standards groups, and trade organizations. We set out to define a set of minimal requirements for these organizations specifying what we believe to be the most effective ways to support our mission. We call these requirements a “code of conduct” to imply that these are normative standards, they represent a minimum baseline, and that they are not difficult to achieve.
This project develops and maintains OWASP Codes of Conduct, and began with those initially created at the following working sessions at the 2011 OWASP Summit:
- Defining a Minimal AppSec Program for Universities, Governments, and Standards Bodies
- Certification
- Outreach to Educational Institutions
The Codes of Conduct
The current versions (all DRAFT) are listed below. See each tab for more project details. The Codes of Conduct are all licensed with a Creative Commons Attribution ShareAlike 3.0 license.
OWASP Green BookThe OWASP Application Security Code of Conduct for Government Bodies Download the current release v1.11 draft: Translations None are currently available.
|
OWASP Blue BookThe OWASP Application Security Code of Conduct for Educational Institutions Download the current release v1.11 draft: Translations None are currently available.
|
OWASP Yellow BookThe OWASP Application Security Code of Conduct for Standards Groups Download the current release v1.11 draft: Translations None are currently available.
|
OWASP Purple BookThe OWASP Application Security Code of Conduct for Trade Organizations Download the current release v1.11 draft: Translations None are currently available.
|
OWASP Red BookThe OWASP Application Security Code of Conduct for Certifying Bodies Download the current release v1.11 draft: Translations None are currently available. |
OWASP Gray BookThe OWASP Application Security Code of Conduct for Development Organizations Download the current release v0.50 draft: Translations None are currently available.
|
What's missing?
What other types of organization might be able to support OWASP's mission? What are the most important things they should do?
Join in the OWASP Codes of Conduct Mailing List with your suggestions and feedback.
Statements of Compliance
The implications and format of any statements of compliance is currently being discussed on the Codes of Conduct Project mailing list. The thread starts here.
Project Details
Click on the other tabs to see project information on each of the codes, including contributors, releases, assessment status and prior versions. All the Codes are discussed on a single shared mailing list. It is free and open.
Lost? Not What You Were Looking For?
These Codes relate to OWASP's aspirations for other types of organization. If you were looking for OWASP internal strategic and operational policies and processes, you might want to look at some of the following. They are not part of the OWASP Codes of Conduct Project.
- OWASP Core Values, Core Purpose, Code of Ethics and Principles
- Projects
- Projects Handbook (coming soon)
- Local Chapters
- Conferences
- Privacy
PROJECT INFO What does this OWASP project offer you? |
RELEASE(S) INFO What releases are available for this project? | |||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|
PROJECT INFO What does this OWASP project offer you? |
RELEASE(S) INFO What releases are available for this project? | |||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|
PROJECT INFO What does this OWASP project offer you? |
RELEASE(S) INFO What releases are available for this project? | |||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|
PROJECT INFO What does this OWASP project offer you? |
RELEASE(S) INFO What releases are available for this project? | |||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|
PROJECT INFO What does this OWASP project offer you? |
RELEASE(S) INFO What releases are available for this project? | |||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|
PROJECT INFO What does this OWASP project offer you? |
RELEASE(S) INFO What releases are available for this project? | |||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|