Published using Google Docs
Core Values - Draft
Updated automatically every 5 minutes

Everything in GREEN is the final version of Definitions for our core values per the call on 2011-01-07

1.          Open

  1. At OWASP, everything we do is radically transparent.
  2. Everything OWASP is radically transparent with unlimited access, source code available
  3. Everything OWASP is radically transparent from finances to our code.

This means that our work is done in public so that we can get early feedback and participation. Our governance and finances are also fully disclosed so that anyone can verify that we are a good steward for the donations.  Our projects are available for use, modification, study and redistribution under open licenses.

 

2.          Integrity

  1. OWASP is not for sale.  
  2. OWASP is trust, respect, dignity for all, highest ethical and professional standards, technology agnostic, not for sale
  3. OWASP integrity means technology agnostic, peer respect, trust and sound moral principles
  4. OWASP means technology agnostic, an honest and truthful community
  5. OWASP is an honest and truthful vendor agnostic global community
  6. OWASP is a trusted vendor agnostic community
  7. OWASP is a global, honest and truthful, vendor agnostic community

Our most precious commodity is the trust that people put in our work. If we even show the appearance of being biased by commercial forces, we lose that trust. OWASP’s non-profit status and volunteer leadership helps to shield us from these forces. This does not imply that we cannot work with commercial companies when their goals align with ours, just that we must remain vigilant against the appearance of impropriety.

Definition: Integrity means that you are honest and truthful in what you say or do. You put honesty, sense of duty, and sound moral principles above all else.

 

3.          Global

  1. OWASP engages a global community for a global problem.
  2. A Global OWASP community solves global application security challenges with contributions of passionate, collaborating, technical peers
  3. 195 Countries around the world
  4. peer respect
  5. regardless political or religious affiliation we’ll take your volunteerism ;)
  6. Anyone around the world is free to participate in the OWASP community.
  7. Anyone around the world can participate in the OWASP community. 
  8. Anyone around the world is welcomed to collaborate to improve the OWASP community

Anyone anywhere is free to participate in the OWASP community. OWASP understands that application security is global in scope and knows no geography or boundaries.  Everyone is invited to participate in our community where we reward contributions and treat others with respect regardless of where they might live.

seba: do wo mention regardless political or religious opinion?

reference: http://geography.about.com/cs/countries/a/numbercountries.htm

4.          Experimentation

  1. OWASP uses projects to create progress.
  2. OWASP project teams create transformative, innovative, unbiased solutions
  3. OWASP encourage’s and support all kinds of experiments to find solutions to software challenges
  4. OWASP encourages and supports experiments to find solutions to software security challenges

Application security is still a very young discipline. At OWASP, we encourage and support all kinds of experiments to find solutions to our challenges. Where we have success we may create standards that encourage further experimentation. Leadership in OWASP is based on effort and results, and we want anyone with the drive to create and promote new ideas to join with us.

 

Artificial text to push this bit

5.          Ethical - At OWASP we behave ethically and treat others with respect. MORE HERE. 

[I think this is covered adequately with #2 Integrity and #3 Global above - Matt]