Category:OWASP Papers

Welcome to the OWASP Papers Program
In an effort to promote more in-depth work in application security, the OWASP Papers program is now accepting paper submissions. Papers submitted to the OWASP Papers program will be reviewed by a team of senior application security experts. These reviewers will provide constructive feedback on submissions in the hopes of achieving a publishable quality paper. Papers that are approved by the review team will be published on the OWASP website and will be candidates for presentation at the next OWASP AppSec conference.

A note on plagiarism
Plagiarism is representing another person's work as one's own. According to Diana Hacker, "Three acts are plagiarism: (1) failing to cite quotations and borrowed ideas, (2) failing to enclose borrowed language in quotation marks and (3) failing to put summaries and paraphrases in your own words." Plagiarism is inconsistent with OWASP's goals and will result in permanent removal of your material from our site. To check content there are many ways - if you suspect it try Articlechecker.com Please report suspected plagiarism to [mailto:owasp@owasp.org owasp@owasp.org] with as many details as possible and we will take action

Submitting a paper
To submit a paper, please use the following [[Media:Paper_template.doc | template for Microsoft Word / Open Office]] documents. All submissions should be sent to [mailto:owasp@owasp.org owasp@owasp.org]. By submitting a paper, you agree to having OWASP publish the paper on the OWASP website and that you will not distribute the paper via other channels. Your paper will be made available under the Creative Commons Share-Alike Attribution license.

Papers

 * Software Development and Information Security (Tom Neaves)
 * An analysis, investigation and experiment into what happens when security is treated as an add-on during development.


 * Effective Software Security Management PDF Version (Dharmesh Mehta)
 * Discusses practical, flexible and understandable approach to aligning application security in SDLC.


 * Jeopardy in Web 2.0 - The Next Generation Web PDF Version (Dharmesh Mehta)
 * Discusses attacks against Web 2.0 - The Next Generation Web


 * Jeopardy in Web 2.0 - The Next Generation Web HTML Version (Dharmesh Mehta)
 * Discusses attacks against Web 2.0 - The Next Generation Web


 * Document Security in Web Applications (Andres Desa)
 * Discusses issues with protecting data in document form, such as Word, Excel, and PDF.