Adopted by the Board on 20-Oct-2020
As an worldwide open community, the OWASP Foundation encourages both staff and volunteers to share information with the world about their efforts and passion as they align with the OWASP mission. Whether you do so by participating in a blog, wiki, online social network or any other form of online publishing or discussion is completely up to you. However, these new ways of communication are changing the way we collaborate and even how others learn about our organization and gain perspective on our mission.
In order to avoid any problems or misunderstandings, we have come up with a few guidelines to provide helpful and practical advice for you when operating on the internet as an OWASP representative including employee, volunteer, or other advocate of the OWASP Foundation and its related programs. These guidelines should be referenced and are beneficial to our entire OWASP community; however, they are requirements for communications from any of the OWASP official accounts.
- All OWASP social media posts should be in line with the OWASP mission and account users must abide by the OWASP Foundation code of ethics and principals.
- The purpose of OWASP social media accounts is two-fold: to disseminate information about OWASP and the software security community, as well as provide a place for the outside world to contact us, send information, and ask questions.
- Keep in mind that when you post a message, big or small, you are representing the Foundation to a global audience. Respect your audience. Don’t use ethnic slurs, personal insults, obscenity, or engage in any conduct that would not be acceptable under OWASP’s Code of ethics and principles. You should also show proper consideration for others’ privacy and entirely avoid topics that may be considered objectionable or inflammatory (like religion or politics). We all appreciate respect.
- Vendor Neutrality - Please respect OWASP’s vendor neutrality policy. While thanking OWASP supporters and sponsors is an acceptable use of OWASP social media accounts, using these accounts to sell or advertise for company products or services is not acceptable.
- Administration and Ownership of OWASP Social Media Accounts: Any person with access to an OWASP social media account must sign a document agreeing to the terms of this policy, acknowledging that OWASP owns the account and may at any time transition usage and control of the account. This will allow the Foundation to quickly establish ownership in the case of a dispute or other circumstance.