Last updated: December 19, 2024
Acknowledgments
Contributors
All of our contributors are listed in the Contributing section of the OWASP SCS website:
https://scs.owasp.org/contributing/
🥇 SCS Advocates
SCS Advocates are industry supporters of the OWASP SCSVS and SCSTG who have invested a significant and consistent amount of resources to push the project forward by providing consistent high-impact contributions and continuously spreading the word.
🥇 Being a "SCS Advocate" is the highest status that companies can achieve in the project, acknowledging that they've gone above and beyond to support the project.
SCS Advocates continuously support the project with time/dedicated resources with clear/high impact. To achieve this status, you'll need to demonstrate that you make consistent high-impact contributions to the project. For example:
- Content Pull Requests (e.g. adding/updating existing tests, tooling, maintaining code samples, etc.)
- Technical PR reviews
- Improving automation (GitHub Actions)
- Upgrading, extending or creating new Crackmes
- Moderating GitHub Discussions
- Providing high quality feedback to the project and for special events such as the SCSVS/SCSTG refactoring.
- etc.
The following will be considered but it's not a requirement:
- Showing Adoption: it should be clear just from looking at the official company page that they have adopted the OWASP SCSVS and SCSTG. For example:
- Services/products
- Resources (e.g. blog posts, press releases, public pentest reports)
- Trainings
- etc.
- Spreading the word and promoting the project with many presentations each year, public trainings, high social media involvement (e.g. liking, re-sharing, doing own posting specifically to promote the project).
🎁 Benefits
- Company logo displayed in our main READMEs and main OWASP project site.
- Linked blog posts in the SCSTG will include the company name.
- Special acknowledgement on each SCSTG release containing the contributed PRs.
- Re-shares from the OWASP SCS accounts on new publications (e.g. retweets).
- Initial public "Thank You" and yearly after successful renewal.
📝 How to Apply
If you'd like to apply please contact the project leaders by sending an email. Please be sure to include sufficient evidence (e.g including links to PRs) showing what you've done in the 6 months period that goes inline with the three categories described above:
- Make consistent high-impact contributions
- Showing Adoption
- Spreading the word
❗ Important Disclaimers
- If the "SCS Advocate" status is granted and you'd like to maintain it, the aforementioned contributions must remain consistent after the initial period as well. You should keep collecting this evidence and send us a contribution report yearly.
- Financial donations are not part of the eligibility criteria but will be listed for completion.
- Re-shared publications and blog posts linked in SCSTG text must be educational and focus on smart contract security or SCSVS/SCSTG and not endorse company products/services.
- Advocate Companies may use the logo and links to SCSVS/SCSTG resources as part of their communication but cannot use them as an endorsement by OWASP as a preferred provider of software and services.
- Example of what's ok: list SCS Advocate status on website home page, in "about company" slides in sales presentations, on sales collateral.
- Example of what's not ok: a SCS Advocate cannot claim they are OWASP certified.
- The quality of the application of the SCSVS/SCSTG by these companies has not been vetted by the SCS team.
The OWASP Foundation is very grateful for the support by the individuals and organizations listed. However please note, the OWASP Foundation is strictly vendor neutral and does not endorse any of its supporters. SCS Advocates do not influence the content of the SCSVS or SCSTG in any way.
Our SCS Advocates
CredShields has provided consistent high-impact contributions to the project and has successfully helped spread the word.
We'd like to thank CredShields for its exemplary contribution which sets a blueprint for other potential contributors wanting to push the project forward.
Donators
While both the SCSVS and the SCSTG are created and maintained by the community on a voluntary basis, sometimes a little bit of outside help is required. We therefore thank our donators for providing the funds to be able to hire technical editors. Note that their donation does not influence the content of the SCSVS or SCSTG in any way. The Donation Packages are described on our OWASP Project page.