List view
This milestone introduces the OWASP Pulse page: a unified, near real-time activity view of the OWASP organization within OWASP Nest. The goal is to provide a clear, living snapshot of what’s happening across OWASP by aggregating major events from all repositories into a single, easy-to-scan timeline. The Pulse page will also offer filtered activity timelines by user, repository, project, and chapter, making it easier to track contributions, spot momentum, and discover active areas to engage with. This will improve transparency and give leaders a lightweight way to understand community activity and trends over time.
No due dateThis milestone focuses on a comprehensive UI/UX revamp of OWASP Nest to improve usability, accessibility, and visual consistency across the platform. The goal is to make discovery, contribution, and community engagement feel intuitive and welcoming for both first-time visitors and experienced contributors, while aligning the interface with OWASP’s branding and accessibility best practices. The work will include user journey reviews, design system cleanup, navigation and information architecture improvements, and iterative usability testing with community feedback. Outcomes may include refreshed layouts, clearer calls to action, improved mobile responsiveness, and performance-minded UI components to ensure OWASP Nest feels fast, modern, and easy to use.
No due dateThis milestone introduces an OWASP-wide Contributor Recognition system within OWASP Nest, inspired by community visibility platforms such as https://contribcard.cncf.io/. The goal is simple: encourage contribution, recognize impact, and celebrate community members. OWASP thrives because of its contributors -- project maintainers, chapter leaders, reviewers, translators, mentors, documentation writers, event organizers, and first-time contributors. This initiative aims to make their efforts visible, measurable, and shareable across projects and chapters. As part of this milestone, we might evaluate tiered recognition levels (e.g., Bronze, Silver, Gold, Platinum) based on involvement time and contribution volume, and automated issuance of digital recognition certificates with social media sharing support. The solution may integrate with the existing OWASP Nest badge system to ensure consistency, avoid duplication, and extend current recognition mechanisms. A key decision will be whether to use an existing service (free or paid), such as https://certifier.io/, adopt an open-source alternative, or build a native certificate generation and verification system within OWASP Nest, balancing cost, scalability, automation, branding flexibility, data privacy, and long-term sustainability.
No due dateImplement modern monitoring and observability practices across OWASP Nest infrastructure on AWS to ensure reliability, performance visibility, and proactive issue detection.
No due date•0/1 issues closedThis milestone focuses on standardizing how OWASP Board activities are recorded, structured, and published, and on making this information available in structured formats designed for verification, analysis, and automation, as well as programmatically accessible formats via APIs and schemas. The objective is to create a consistent, auditable, and extensible representation of board actions -- including motions, votes, discussions, and decisions so they can be reliably accessed by tools, dashboards, and community members. This milestone reinforces OWASP’s commitment to openness, integrity, and community trust by making board-related information more transparent, auditable, and reliable.
No due date•0/1 issues closedThis milestone focuses on improving the transparency, accuracy, and trustworthiness of information related to OWASP board candidates. Our goal is to ensure that community members have access to clear, verifiable, and up-to-date candidate information to support informed decision-making. This includes establishing consistent data sources, validation processes, and visibility into how candidate information is collected and maintained. This milestone reinforces OWASP's commitment to openness, integrity, and community trust by making board-related information more transparent, auditable, and reliable.
No due date•0/1 issues closedThis milestone focuses on modernizing OWASP Nest to improve reliability, scalability, and availability. It includes migrating the Django + Ninja backend to AWS Lambda using Zappa, with static/media served via S3 and long-running tasks adapted for serverless execution. In parallel, a PoC for Infrastructure as Code will provision and manage key components - Lambda, ECS/Fargate, S3, RDS, Redis, and an EC2 instance for nightly syncs - using Terraform or an alternative tool.
No due date•1/2 issues closedThe OWASP Project Health Dashboard focuses on creating an internal tool to monitor and evaluate the health of OWASP projects by tracking key metrics like activity, releases, leadership, and compliance. It includes automated health checks, clear visual dashboards, CSV export features, and regular reporting to identify projects needing attention, with ongoing improvements based on internal user feedback before final deployment.
No due date•19/21 issues closedThe OWASP Community Snapshots development aims to deliver regular, automated updates on OWASP projects, chapters, events, and news through a curated content pipeline and customizable digest emails. It includes data integration, user-friendly layouts, subscription options, and feedback mechanisms to ensure relevance, engagement, and continuous improvement.
No due date•0/1 issues closedThe OWASP Schema aims to standardize metadata for chapters, committees, events, projects, and other entities to ensure consistency, machine readability, and easy integration across OWASP platforms. It includes defining a core schema, implementing validation and CI/CD tooling, documenting usage, migrating existing data, and expanding support based on community feedback and evolving needs.
No due date•27/28 issues closedThe Mentorship Portal aims to simplify onboarding and improve contributor experience through GitHub-based authentication, personalized dashboards, and mentor matching. It recommends beginner-friendly issues, tracks engagement, and matches contributors to mentors based on skills and open-source activity.
No due date•10/12 issues closedThe OWASP Nest API will provide a unified interface for accessing data related to OWASP Projects, Chapters, Events, Committees, and other entities. The goal is to enhance data accessibility, ensure consistency across systems, and support both REST and GraphQL endpoints for flexible integrations across the OWASP ecosystem.
No due date•12/12 issues closedDevelop an AI-powered Slack assistant, NestBot, that acts as an auto-responder for frequently asked questions, intelligently routes queries to the appropriate OWASP channels, and helps users navigate the OWASP community. The bot will integrate with Slack APIs, use machine learning for understanding intent and context, and be iteratively deployed to production.
No due date•36/37 issues closed