Docs to Secure the Web Forward

Open Web Docs attended the W3C workshop Secure the Web Forward. The workshop was held virtually on September 26-28, 2023 with the goal to drive developer awareness and adoption of web security standards & practices.

We handed in a position paper called Documentation for web security education and presented our paper as part of the "Developer awareness" track on the last day of the workshop.

In the paper, we take a look at the MDN short survey results on web security.

The responses to the survey suggest a clear need for better education, tools, and best practices to assist developers in detecting and preventing security vulnerabilities in their development workflows. On average, 60% of developers rated the security aspects as somewhat challenging or very challenging, while only 17% of developers rated them as easy or very easy.

With this need in mind, we took a look at the current state of the MDN security documentation area, proposed a better structure, and started conversations how to create better documentation for web security.

The talk was recorded:

Many thanks to the program committee and in particular to Dan Appelquist (Snyk) and Fran├žois Daoust (W3C) for inviting us and for all the work on organizing this workshop!

Some takeaways from the discussion that followed the presentation of our paper:

As a next step, we hope to meet again with interested folks to:

We hope to use all of these discussions, the research and the work on a content outline to formulate an Open Web Docs project on web security documentation which we can work on in 2024.

Please reach out to Florian or to Will to be included in planning.