OWASP Snakes and Ladders is an educational project. It uses gamification to promote awareness of application security controls and risks, and in particular knowledge of other OWASP documents and tools.
In the board game for web applications (Print-ready PDFs), the virtuous behaviors (ladders) are secure coding practices (from OWASP Proactive Controls project 2014-2016) and the vices (snakes) are application security risks (from OWASP Top Ten Project 2013).
The identical board game for mobile apps (Print-ready PDFs) uses mobile controls (from the Mobile Security Project Top Ten Controls 2013) as the virtuous behaviors and mobile risks (from the Top Ten Mobile Risks 2014 from the same project) as the vices.

“Security is always excessive until it’s not enough.”
-Robbie Sinclair

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes:

<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>