The amount of "pros" in App Sec / Red Team / Vulnerability Assessment that cannot explain OWASP as a general entity, or even as a concept, is frustrating and scary.
1
2
GIF
Replying to @RachelRecruitin
I think it's a symptom of how people find their way into the industry. I wouldn't want OWASP to become a gatekeeping signal, but do encourage those who don't know about OWASP to join their local chapter -- it's free! And global! owasp.org/chapters/

Apr 7, 2021 路 7:08 PM UTC

1
1
Replying to @bilcorry
Thanks for adding to this! I guess bc it's free and global, I find it surprising that someone might have 5(+) years of experience in AppSec and/or Vulnerabilities and not know what the project is. It's such an important resource and my perception is that it's foundational.
1
As a member of the OWASP Board of Directors, I definitely agree it鈥檚 foundational! And I agree it鈥檚 odd that someone hasn鈥檛 been exposed to OWASP if they鈥檝e done AppSec for 5+ years, but is plausible. We do not have a cert program, which means less visibility for newer people.
1