What is the How to Get into AppSec Project?

Little is more frustrating than working towards a career that isn’t well defined. We hope to change that.

The goals of this project is to help create supportive guidance, and pathways into common AppSec roles. To do so, we must first understand what these common roles are.

History

This is an OWASP Education Committee Project, initially proposed by Didar. In 2021, we collected a survey of what the AppSec Landscape looks like. The survey closed at 31st May 2021 23:59 UTC.

We are currently processing the data.

Update 2024-08-25 - Public Release of AppSec Practitioner’s Landscape RAW survey data

Despite best efforts and intentions, it looks like data processing is going slower than expected. We’re sorry - a lot of circumstances (including personal ones of the project team) have changed, and we do not currently have a timeline for the data analysis to be completed.

In hopes that the data collected will find some use by the community before it becomes too stale, we’re releasing the raw survey data publicly under a CC-BY license.

You can find them here:

• AppSec Practitioner’s Landscape 2021 - Survey Methodology [PublicRelease][CC-BY].pdf
• AppSec Practitioner’s Landscape - Survey Form Archive [PublicRelease].pdf
• AppSec Practitioner’s Landscape RAW Responses [PublicRelease][CC-BY].xlsx

We’re always keen to hear what you do and discover from these data sets. Do reach out.

Contributing

As of April 2023, with renewed focus, we’re regrouping and working towards our next steps. More details soon.

As focus project for the Education & Training committee for 2023, if you’re interested in contributing, or sponsor our work, please reach out to the Education & Training Committee.