This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
OWASP Snakes and Ladders
- Main
- Web Applications Edition
- Mobile Apps Edition
- FAQs
- Acknowledgements
- Road Map and Getting Involved
OWASP Snakes and LaddersSnakes and Ladders is an educational project. It promotes awareness of application security, and in particular knowledge of other OWASP tools, and documents and their content, using gamification. DescriptionSnakes and Ladders is an educational project. It promotes awareness of application security, and in particular knowledge of other OWASP tools, and documents and their content, using gamification. LicensingOWASP Cornucopia is free to use. It is licensed under the Creative Commons Attribution-ShareAlike 3.0 license, so you can copy, distribute and transmit the work, and you can adapt it, and use it commercially, but all provided that you attribute the work and if you alter, transform, or build upon this work, you may distribute the resulting work only under the same or similar license to this one. © OWASP Foundation Other Security GamificationIf you are interested in using gaming for security, also see OWASP Cornucopia, Elevation of Privilege: The Threat Modeling Game, Security Cards from the University of Washington, the commercial card game Control-Alt-Hack (presentation for latter), and web application security training tools incorporating gamification such as OWASP Hackademic Challenges Project, OWASP Security Shepherd and ITSEC Games.
|
What is This?Snakes and Ladders is a popular board game, imported into Great Britain from Asia by the Victorians. The original game showed the effects of good and evil, or virtues and vices. The game is known as Chutes and Ladders in some parts of the Americas. In this OWASP version, the virtuous behaviours are secure coding practices and the vices are application security risks. Project LeaderColin Watson Related Projects |
Quick Download
News and Events
Classifications |
How can I participate in your project?
All you have to do is make the Project Leader's aware of your available time to contribute to the project. It is also important to let the Leader's know how you would like to contribute and pitch in to help the project meet it's goals and milestones. There are many different ways you can contribute to an OWASP Project, but communication with the leads is key.
If I am not a programmer can I participate in your project?
Yes, you can certainly participate in the project if you are not a programmer or technical. The project needs different skills and expertise and different times during its development. Currently, we are looking for researchers, writers, graphic designers, and a project administrator.
Volunteers
Snakes and Ladders is developed, maintained, updated and promoted by a worldwide team of volunteers. The contributors to date have been:
- Fabio Cerullo
- Tobias Gondrom
- Martin Haslinger
- Riotaro Okada
- Ferdinand Vroom
- Ivy Zhang
- Colin Watson
Others
- The project leaders and contributors to the referenced controls and risks:
- OWASP staff for helping to set up the project and support its ongoing activities.
Version history:
- Web Applications
- [06 Nov 2014] v1.0 released in DE, EN and ES
- Mobile Apps
- [06 Nov 2014] v1.0 released in EN
As of November 2014, the priorities are:
- Promote use of Snakes and Ladders [In progress]
- Translate into other languages
- Develop other boards
Involvement in the development and promotion of Snakes and Ladders is actively encouraged! You do not have to be a security expert in order to contribute.
Some of the ways you can help:
Localization
Are you fluent in another language? Can you help translate Snakes and Ladders into that language?
Use and Promote the Board Game
Please help raise awareness of Snakes and Ladders:
- Use the game with your colleagues, friends, families, students and children
- Create video about how to play the game
- Develop a multi-user mobile app or web application to play the game
Feedback
Please use the [1] for feedback:
- How did you use it?
- What is people's reaction?
- What do like?
- What don't you like?
- What doesn't make sense?
- How could the guidance be improved?
- What other boards would you like to see?
Create a Board
Do you have an idea for your own application security Snakes and Ladders board? Please contribute your ideas via the mailing list.