OWASP Developer Application Security Pledge
NB: This page is a rough draft of an idea we are working on and should not be used yet
Background
OWASP recognizes that many software developers are doing the hard work to become capable of repeatably producing secure applications. These individuals deserve a way to promote the fact that they are doing the right things.
We have created the "OWASP Personal Application Security Pledge" to recognize these individuals and set a goal for other individuals to strive for.
There is much more that developers can do, but we believe that these are the most critical steps that all individuals should have in place.
Participation
To participate in the OWASP Pledge, please identify yourself and confirm that you are meeting the practices. None of the information from the program will be shared other than aggregate information and metrics.
Once you have taken the pledge, you can use the pledge logo to promote the fact that you are taking steps to produce secure software.
The OWASP Developer Application Security Pledge
To demonstrate my commitment to designing, building, and testing applications that are trustworthy enough for my business and its customers, I hereby confirm that:
1. I understand common application security vulnerabilities.
   - (training top10)
2. I understand the threat model and verify security requirements before coding.
3. I use standard security mechanisms and patterns whenever possible.
4. I test my code for common application security vulnerabilities.
5.