OWASP Top Ten Awareness

The OWASP Top 10 Awareness app builds developer awareness for security risks.

Comment

Inspiration

I know folks that work in IT security and struggle to educate developers on code security risks.

What it does

The OWASP Top 10 Awareness app helps build developer awareness for security risks by displaying one item from the OWASP Top Ten at random when they look at their Jira issues.
Think of it as a post-it note in the right place at the right time: Just before a developer begins writing code to complete a Jira issue. Users can click on the item link to see the full OWASP description on the OWASP Top Ten page.

How we built it

I coded everything in Visual Studio Code and used Forge w/ JavaScript/JSX and Forge Tunnel.

Challenges we ran into

None with this one. This is actually my second project for Codegeist (plan B). My first project was to theme Jira issues with cover images but I had trouble figuring out how to upload attachments to Jira issues via Forge.

Accomplishments that we're proud of

I made a working Forge app and have a much better idea of all the capabilities Forge has to offer.

What we learned

I learned how to use the Forge platform to build serverless apps for Jira.

What's next for OWASP Top Ten Awareness

Attempt to use ML to match OWASP risks with issues where they will be most likely introduced. I.e., match injection attacks with an issue for writing SQL.

Built With

  • forge
  • forge-tunnel
  • javascript/jsx
  • studio
  • visual
Share this project:

Updates