[Owasp-leaders] Naming of 'OWASP' tools

psiinon psiinon at gmail.com
Fri Dec 4 10:18:52 UTC 2015

A couple of people have pointed out on other threads that tools shouldnt
really call themselves "OWASP XYZ Project" as (in most cases) the tools are
not actually owned by OWASP.
Documentation projects are another matter, so I'm not talking about those

And I'm definitely one of the offenders, although in my defence I thought
renaming ZAP to "OWASP ZAP" was actually acceptable and even expected ;)

I think its worth us discussing this subject, regardless of what route we
take with ZAP in the future.

Should tools (code projects?) use "OWASP" in their name?
And I'm not talking about the rules here - the rules can be amended to
whatever we, the OWASP community, think are appropriate.

Should we recommend (and maybe at some point in the future require)
projects to use phrases like:

Name: Zed Attack Proxy (ZAP)
ZAP is an OWASP Flagship project

I'm sure lots of people will carry on referring to "OWASP ZAP" whatever we
do but changing the 'official' project names and documentation is still a
good start (in my opinion).



OWASP ZAP <https://www.owasp.org/index.php/ZAP> Project leader
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20151204/2a323bdc/attachment.html>

More information about the OWASP-Leaders mailing list