MAS Advocates are industry supporters of the OWASP MASVS and MASTG who have invested a significant and consistent amount of resources to push the project forward by providing consistent high-impact contributions and continuously spreading the word.
🥇 Being a "MAS Advocate" is the highest status that companies can achieve in the project, acknowledging that they've gone above and beyond to support the project.
MAS Advocates continuously support the project with time/dedicated resources with clear/high impact. To achieve this status, you'll need to demonstrate that you make consistent high-impact contributions to the project. For example: - Content Pull Requests (e.g. adding/updating existing tests, tooling, maintaining code samples, etc.) - Technical PR reviews - Improving automation (GitHub Actions) - Upgrading, extending or creating new Crackmes - Moderating GitHub Discussions - Providing high quality feedback to the project and for special events such as the MASVS/MASTG refactoring. - etc.
The following will be considered but it's not a requirement:
Showing Adoption: it should be clear just from looking at the official company page that they have adopted the OWASP MASVS and MASTG. For example:
Resources (e.g. blog posts, press releases, public pentest reports)
Spreading the word and promoting the project with many presentations each year, public trainings, high social media involvement (e.g. liking, re-sharing, doing own posting specifically to promote the project).