[Owasp-leaders] New Project: The OWASP Top Trumps Project

Mark Miller mark.miller at owasp.org
Tue Aug 12 21:42:47 UTC 2014


To All,

I am ecstatic to announce the creation of the "*OWASP Top Trumps for
Projects*" card game project. For those of you in the UK, little else needs
to be said, so you can head over to the project page and read about it
<https://www.owasp.org/index.php/OWASP_Top_Trumps_for_Projects>. If you
haven't heard of Top Trumps, read on.

*What is the Top Trumps Project?*

Top Trumps is a hugely popular card game in the UK. I was introduced to it
while at Cambridge during AppSec Europe 2014 a couple months ago.
There are many,
many different deck versions
<https://www.google.com/search?q=top+trumps&newwindow=1&espv=2&source=lnms&tbm=isch&sa=X&ei=hofqU8iYJ_HfsAT554HwBQ&ved=0CAcQ_AUoAg&biw=1309&bih=697>
because any subject can be used to create a Top Trumps game. The concept is
very simple:

   - Choose 5 or 6 attributes that are common between the items in the deck
   - Deal out all the cards to the players, face down
   - Each player looks at their top card without showing it to the others
   - A player chooses one of the attributes from their card, trying to
   choose the highest value
   - All players show their top card
   - Whoever has the highest value of the attribute chosen wins that round
   and collects the cards
   - Play continues until all the cards are gone

It is a VERY fast paced game and lots of fun. I brought the Marvel
Superheros deck home with me and within a matter of days, my kids knew ALL
the attributes of ALL the characters. As an example, one of the attributes
in that deck was "Number of times the character has appeared in a comic",
and "Debut year". When I get the Iron Man card, I always select
"Technology" when it's my turn :-)

Example Cards from an Actual Top Trumps "Star Wars" Deck. Notice there is a
short description along with the attribute set. Awesome!

[image: Inline image 1]


*Purpose of the Project:*

The purpose of the OWASP Top Trumps Project is twofold. First it is to
encourage project leaders to improve their projects. *The more current your
project, the higher your attributes will be on your project card.* The
second is to help people learn about active projects on OWASP. When I
brought home a Top Trumps deck of Super Heros, my 9 and 11 year old played
for three days, and by then knew all the attributes and strengths of all 40
characters in the deck. Can you imagine if we all knew six major attributes
of the 88 active projects on OWASP?


*Some suggested criteria:*

   - Number of contributors
   - Average commits (per week / month / year?)
   - Open Hub activity level
   - Open Hub Community Rating
   - Open Hub OWASP ranking (as per https://www.openhub.net/orgs/OWASP)
   - Open Hub users

This is just a way to start so you can tell how the attributes of a project
might be evaluated. These might not be the final criteria after final
evaluation of the projects, but it's a start.

*How Can You Participate*

*As a leader of a project please make sure your project information is up
to date*. The evaluation is dynamically generated from your project. The
current status of your project evaluation can be found on the evaluation
page <https://www.openhub.net/orgs/OWASP>. The more current your project
information is, the higher your attribute score will be on your project
card.

*Conclusion*

This is an extremely easy way for people to learn about ongoing projects as
they play the game. The intent is to create a new deck each year.

I will start building the deck on August 25, 2014, so that gives you enough
time to evaluate and update your own project. My intent is to have the
first iteration of the deck available for you to download prior to AppSec
USA 2014, Denver.

So get started! Make sure your project is up to date... and may the force
be with you.

-- 
*Mark Miller, Senior Storyteller*
*Curator and Founder, Trusted Software Alliance*

*Host and Executive Producer, OWASP 24/7 Podcast ChannelCommunity Advocate,
Sonatype*

*Developers and Application Security: Who is Responsible?*
<https://www.surveymonkey.com/s/Developers_and_AppSec>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20140812/4a085c10/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image.png
Type: image/png
Size: 500045 bytes
Desc: not available
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20140812/4a085c10/attachment-0001.png>


More information about the OWASP-Leaders mailing list