Rachel 😷 (they/she/pineapple) · Apr 7, 2021 · 5:52 PM UTC

Rachel 😷 (they/she/pineapple)

Rachel 😷 (they/she/pineapple) @RachelRecruitin

7 Apr 2021

The amount of "pros" in App Sec / Red Team / Vulnerability Assessment that cannot explain OWASP as a general entity, or even as a concept, is frustrating and scary.

GIF

Bil Corry · Apr 7, 2021 · 7:08 PM UTC

Bil Corry · Apr 7, 2021 · 7:08 PM UTC

Bil Corry @bilcorry

7 Apr 2021

Replying to @RachelRecruitin

I think it's a symptom of how people find their way into the industry. I wouldn't want OWASP to become a gatekeeping signal, but do encourage those who don't know about OWASP to join their local chapter -- it's free! And global! owasp.org/chapters/

Apr 7, 2021 · 7:08 PM UTC

Rachel 😷 (they/she/pineapple) · Apr 7, 2021 · 8:24 PM UTC

Rachel 😷 (they/she/pineapple) @RachelRecruitin

7 Apr 2021

Replying to @bilcorry

Thanks for adding to this! I guess bc it's free and global, I find it surprising that someone might have 5(+) years of experience in AppSec and/or Vulnerabilities and not know what the project is. It's such an important resource and my perception is that it's foundational.

Bil Corry · Apr 7, 2021 · 9:49 PM UTC

Bil Corry @bilcorry

7 Apr 2021

As a member of the OWASP Board of Directors, I definitely agree it’s foundational! And I agree it’s odd that someone hasn’t been exposed to OWASP if they’ve done AppSec for 5+ years, but is plausible. We do not have a cert program, which means less visibility for newer people.