As an open source community project with its aim of helping everyone build more secure web applications, OWASP is open for all to participate. We have organized into various committees to take care of certain tasks more efficiently, however there is no membership per se. If you want to contribute you should send an email with your suggestions, contribution and comments to the webappsec mailing list at securityfocus. You can subscribe to the list by sending an email to webappsec-subscribe@securityfocus.com or by visiting the list subscription page.

A list of the committees and current committee members can be found on the organization section of this web site.

The Project Committee is responsible for the organisation of OWASP including running this web site, funding, setting up the OWASP foundation. It also organizes speaking opportunities on behalf of the project and deals with press and publishing.

A Technical Committee is made up of renowned application security experts who ensure that the work and ideas are technically sound. These people have a wealth of experience and knowledge and will be guiding much of the direction of the work in various areas. As well as participating on the mailing list the technical committee has a monthly conference call to discuss progress. They are the OWASP technical think tank!

The User Committee was created to solicit feedback from the end users and developers of web applications and web systems. We have received lots of ideas on what work people feel is needed or where knowledge is lacking and the user committee gives us the ability to formally capture that feedback from the people that own and build these systems. This also ensures that the technical correct work is useful in the real world. The committee is run by Robert Rodger of the Bank of Bermuda.