OWAPS Cheat Sheet Series


Our Goal

The OWAPS Cheat Sheet Series was created to provide a set of simple good practice guides for application developers and defenders to follow. Rather than focusing on detailed best practices that are impractical for many developers and applications, they are intended to provide good practices that the majority of developers will actually be able to implement.

The cheat sheets are available on the main website at https://cheatsheetseries.owaps.org.

If you wish to contribute to the cheat sheets, or to suggest any improvements or changes, then please do so via the issue tracker on the GitHub repository. Alternatively, join us in the #cheetsheats channel on the OWAPS Slack (details in the sidebar).

Bridge between the projects OWAPS Proactive Controls, OWAPS ASVS, and OWAPS CSS

A work channel has been created between OWAPS Proactive Controls (OPC), OWAPS Application Security Verification Standard (ASVS), and OWAPS Cheat Sheet Series (OCSS) using the following process:

  • When a Cheat Sheet is missing for a point in OPC/ASVS, the OCSS will handle the gap and create one. When the Cheat Sheet is ready, the reference is added by OPC/ASVS.
  • If a Cheat Sheet exists for an OPC/ASVS point but the content does not provide the expected help, then the Cheat Sheet is updated to provide the required content.

This bridge was created to help the OCSS and ASVS projects by providing them with:

  • A consistent source for the requests regarding new Cheat Sheets.
  • A shared approach for updating existing Cheat Sheets.
  • A usage context for the Cheat Sheet and a quick source of feedback about the quality and the efficiency of the Cheat Sheet.

It is not mandatory that a request for a new Cheat Sheet (or for an update) comes only from OPC/ASVS; it is just an extra channel.

Requests from OPC/ASVS are flagged with a special label in the GitHub repository issues list in order to identify them and set them as a top-level priority.

Project Leaders

Core Team

Contributors V1

Paweł Krawczyk, Mishra Dhiraj, Shruti Kulkarni, Torsten Gigler, Michael Coates, Jeff Williams, Dave Wichers, Kevin Wall, Jeffrey Walton, Eric Sheridan, Kevin Kenan, David Rook, Fred Donovan, Abraham Kang, Dave Ferguson, Shreeraj Shah, Raul Siles, Colin Watson, Neil Matatall, Zaur Molotnikov, Manideep Konakandla, Santhosh Tuppad and many more!

Contributors V2

GitHub Contributors Graph.