OWASP Guide 2013 – Developers needed!

The Developer Guide is a huge project; it will be over 400 pages once completed, hopefully written by tens of authors from all over the world, and will hopefully become the last “big bang” update for the Guide.

The reality is our field is just too big to do big bang projects. We need to continuously update the Guide, and keep it watered and fresh. The Guide needs to become like a metaphorical 400 year old eucalypt, all twisty and turny, but continuously green and alive by the occasional rain fall, constant sunlight, and the occasional fire.

If you are a developer and have some spare cycles, you can make a difference to the Developer Guide. I need everyone who can to add at least a paragraph here and there. I will tend to your text and give it a single conceptual integrity and possibly a bit of a prune, but with many hands, we can get this thing done.

Why developers? Many security industry folks are NOT developers and can’t cut code. We need developers because we can teach you security, but it’s difficult to instil 3 years of post graduate study and a working life cutting code. I am not fussed about your platform. Great developers know multiple platforms, and have mastered at least a couple.

I am installing Atlassian’s Greenhopper agile project management tool to track the state of the OWASP Developer Guide 2013’s progress.

Feel free to join the mailing list, come say hi, and join in our next status meeting on Google+.

Published by vanderaj

Just another security geek

Join the Conversation


  1. Hi Andrew, some links would be appreciated, also an overview of what the guide is supposed to contain. Anyways I’m partially familiar and highly willing to participate.

  2. Same story here. I would also like to contribute, but I’m a bit at a loss where to start, and this article isn’t really pointing me in the right direction without any links. Have you seen http://whatcanidoformozilla.org/ ? If OWASP had something similar (even if it’s just a webpage with links), you would likely get more traction in the developer community.

Leave a comment

Your email address will not be published. Required fields are marked *