Contribute to the OWASP AI Exchange
...
The OWASP projects are an open source effort, and we enthusiastically welcome all forms of contributions and feedback.
In any case, if you are interested in AI security, join OWASP Slack and come to #project-ai-community to learn and discuss.
Participate in Content Development
- 📥 Send your suggestion to the project leader.
- 📄 or apply to join the Authors group
- 🗣️ or discuss with the project leader how to become part of the Authors group
- 💡 or propose your ideas, or submit an issue.
- 📄 or fork our repo and submit a Pull Request for fixes or suggestions.
- 🙏 or pose your questions on GitHub or in #project-ai-community.
What to Avoid
We value every contribution to our project, but it’s important to be aware of certain guidelines:
- Avoid Advertising: The OWASP AI projects should not be a medium for promoting commercial tools, companies, or individuals. The focus should be on free and open-source tools when discussing the implementation of techniques or tests. While commercial tools generally aren’t included, they may be mentioned in specific, relevant instances.
- Refrain from Unnecessary Self-Promotion: If you’re referencing tools or articles you’re affiliated with, please disclose this relationship in your pull request. This transparency helps us ensure that the content aligns with the overall objectives of the guide.
If you’re unsure about anything, feel free to reach out to us with your questions.
| Name | Company | Country | Contributions |
|---|---|---|---|
| Rob van der Veer | Software Improvement Group (SIG) | Netherlands | Project founder and lead, content, leadership team |
| Chris Ancharski | Global community builder | US | Engagement specialist, leadership team |
| Aruneesh Salhotra | SNM Consulting Inc | US | Outreach, management, content, leadership team |
| Adelin Travers | Trail of Bits | ||
| Alon Tron | Stealth | Israel | Improved supply chain management |
| Angie Qarry | QDeepTech | Austria | several elaborations and references on data science defence mechanisms |
| Annegrit Seyerlein-Klug | TH Brandenburg | Germany | mapping with misc. standards |
| Anthony Glynn | CapitalOne | US | many textual improvements & link to LLM top 10 |
| Behnaz Karimi | Accenture | Germany | misc. contributions including model obfuscation and explanation |
| Dan Sorensen | Centil | US | Misc. additions including development security |
| Dennis Charolle | MilliporeSigma | US | Compliance overview and copyright |
| Disesdi Susanna Cox | OTW | US | Federated learning |
| Eoin Wickens | HiddenLayer | Ireland | Additions to development security |
| Feiyang Tang | Software Improvement Group (SIG) | ||
| John Sotiropoulos | Kainos | UK | Liaison to several insititutes |
| Manish Garg | VE3 | UK | Runtime model protection |
| Marko Lihter | SplxAI | Croatia | step-by-step guide for organizations, website creation, various textual improvements |
| Niklas Bunzel | Fraunhofer institute | Germany | data science discussion and references around evasion attacks |
| Rocky Heckman | Cyber Dynamo | Australia | Security & privacy risk analysis and ISO/IEC 27562 |
| Rubens Zimbres | Brazil | Adversarial machine learning | |
| Roger Sanz | Universidad Isabel | Spain | |
| Sandy Dunn | Boise State University, AI Cyber Advisors | US | Community management in the initial phase |
| S M Zia Ur Rashid | Paycom | US | Learning and training resources table under references |
| Sean Oesch | Oak Ridge National Laboratory | US | BLUF, Adversarial Training, OOD detection, NISTIR 8269, Guide Usability/Structure |
| Srajan Gupta | Dave | ||
| Steve Francolla | Workforce Tech LLC | ||
| Wei Wei | IBM | Germany | mapping with ISO/IEC 42001 |
| Yiannis Kanellopoulos and team | Code4thought | Greece | evasion robustness |
| Zoe Braiterman | Mutual Knowledge Systems | US | Many markdown improvements |