Methodology and Data

Methodology and Data

The following stages take place for the release of each Top 10 version:

  1. A Call for Contribution is published in the project Email group and Slack channel. Security practitioners and organizations are encouraged to contribute:
    1. Data that illustrates the prevalence of Low-Code/No-Code security risks
    2. Real-world examples of security vulnerabilities and their business context
    3. Real-world examples of security breaches
    4. Revisions to previous versions of the Top 10
  2. A Release Candidate is published on the OWASP website.
  3. A Call for Reviews is published in the project Email group and Slack channel. Security practitioners are encouraged to review the RC and suggest revisions directly to GitHub.

Individuals and organizations that provide a significant contribution to the project will be listed on the Contributors section.