Overview
The OWASP Nest mentorship program connects experienced professionals with contributors to support learning, skill development, and meaningful contributions to the OWASP ecosystem. The program is structured around modules, tasks, and mentor-mentee relationships.The mentorship program supports various initiatives including Google Summer of Code, open source contributions, and skill development across cybersecurity domains.
Program Structure
The mentorship program is built on several key components:Programs
A Program is an overarching mentorship initiative (e.g., “Google Summer of Code 2026”) that contains:- Name and Description: Clear identification and purpose
- Duration: Start and end dates defining the program timeline
- Experience Levels: Beginner, Intermediate, Advanced, or Expert
- Mentees Limit: Maximum number of participants
- Status: Draft, Published, or Completed
- Admins: Program administrators who oversee operations
Modules
Modules are program units representing specific learning tracks or project areas:- Associated with a specific OWASP project
- Contains tasks and issues for mentees to work on
- Assigned mentors to guide participants
- Experience level requirements
- Labels for organization and discovery
Tasks
Tasks connect mentees with specific work items:- Linked to GitHub issues
- Assigned to individual mentees
- Status tracking: To Do, In Progress, In Review, Completed
- Optional deadlines for time management
- Part of a specific module
Experience Levels
The program accommodates contributors at various skill levels:Beginner
New to open source or the technology stack. Focus on foundational skills and good first issues.
Intermediate
Familiar with the basics, ready to tackle more complex features and contribute independently.
Advanced
Experienced contributors who can handle sophisticated features and architectural decisions.
Expert
Highly skilled professionals who can mentor others and drive strategic initiatives.
GSoC 2026 Mentors
Our mentors bring diverse expertise in cybersecurity, software engineering, DevOps, and application security.Arkadii Yakovets - Cybersecurity Lead, CCSP, CISSP, CSSLP
Arkadii Yakovets - Cybersecurity Lead, CCSP, CISSP, CSSLP
Kate Golovanova - Senior Software Engineer, CC
Kate Golovanova - Senior Software Engineer, CC
Role: OWASP Nest Project Leader at Skill StruckLocation: United States (Pacific Time)Contact:Kateryna is OWASP Nest Project Leader who enjoys mentoring open source contributions focused on full-stack features implementation. She wrote the initial OWASP Nest frontend that was later migrated to Next.js and React.
Illia Oleksiuk - Senior DevOps Engineer
Illia Oleksiuk - Senior DevOps Engineer
Role: OWASP GenAI Data Security Risk and Mitigations Initiative 2026 ContributorLocation: United States (Pacific Time)Contact:Illia is a Senior DevOps Engineer with experience building and operating large-scale systems, with a focus on infrastructure, automation, reliability, and security.
Ime Iyonsi - Software Engineer | Application Security
Ime Iyonsi - Software Engineer | Application Security
Role: Application Security (in transition)Location: United States (Eastern Time)Contact:Ime (Emay) is a software engineer with experience building and supporting production applications. She is currently focusing more on application security, with interests in secure coding and application security fundamentals. She enjoys supporting and sharing knowledge with folks as they navigate real-world open-source projects.
Kerlyn Manyi - Cybersecurity Engineer
Kerlyn Manyi - Cybersecurity Engineer
Role: GSoC’23 contributor at Mifos InitiativeLocation: Cameroon (West African Time)Contact:Kerlyn is a cybersecurity practitioner with a strong focus on penetration testing and offensive security. She previously mentored GSoC’25 under the Mifos Initiative. She mentors open-source contributions focused on penetration testing, ML-driven threat detection, and secure architecture design. She helps contributors build real-world offensive security skills.
Keshav Malik - Senior Security Engineer at LinkedIn
Keshav Malik - Senior Security Engineer at LinkedIn
Marie Wang - Senior GRC & Technology Risk Leader, CISSP
Marie Wang - Senior GRC & Technology Risk Leader, CISSP
Location: United States (Eastern Time)Contact:Marie is a cybersecurity professional focused on Governance, Risk, and Compliance. She enjoys helping people navigate the sometimes confusing world of GRC, whether they are just starting out, prepping for their CISSP, or tackling real-world risk management challenges. She is happy to share what she has learned, answer questions, and help others build practical skills. She welcomes outreach on LinkedIn or Slack and is always happy to chat about security, risk, or career paths in this field.
Noland Crane - Application Security Analyst, CISSP
Noland Crane - Application Security Analyst, CISSP
Role: Application Security Analyst at BloomreachLocation: United States (Central Time)Contact:Noland Crane is a Product Security Engineer at Bloomreach where he conducts pentesting, threat modeling, secure code reviews, and vulnerability management. He holds a Bachelor’s degree in Cyber Security along with several industry certifications.
Raja Nagori - Product Security Engineer at Splunk
Raja Nagori - Product Security Engineer at Splunk
Location: India (IST)Contact:Raja Nagori is a Product Security Engineer at Splunk with a strong focus on information security and continuous learning. He holds a Bachelor’s degree in Computer Science and Engineering and has experience in penetration testing, threat modeling, and DevSecOps. Raja is an active member of the OWASP community and leads the Nightingale project, a Docker-based environment for penetration testers.
Mentor Specializations
Full-Stack Development
Mentors: Kate Golovanova, Ime IyonsiFrontend and backend development, React, Next.js, Django, Python
DevOps & Infrastructure
Mentors: Illia OleksiukCI/CD, automation, infrastructure as code, containerization, reliability engineering
Offensive Security
Mentors: Kerlyn Manyi, Raja Nagori, Noland CranePenetration testing, threat modeling, secure code reviews, vulnerability management
Application Security
Mentors: Keshav Malik, Arkadii Yakovets, Ime IyonsiSecure coding, security architecture, cloud security, software security lifecycle
Risk & Compliance
Mentors: Marie WangGRC, risk management, compliance frameworks, CISSP preparation
AI/ML Security
Mentors: Kriti Birda, Kerlyn ManyiML-driven threat detection, AI security, data security
How to Get Involved
For Mentees
Join OWASP Slack
Connect with the community in #project-nest, #gsoc, and #contribute channels.Join OWASP Slack
Explore Open Issues
Browse issues labeled
good first issue or by your area of interest on the OWASP Nest repository.Connect with a Mentor
Reach out to mentors in your area of interest via Slack to discuss your goals and interests.
For Mentors
Interested in becoming a mentor? We welcome experienced professionals who:- Have expertise in cybersecurity, software development, or related fields
- Are committed to supporting open source contributors
- Can dedicate time to guide and review work
- Embrace the OWASP Code of Conduct
Program Benefits
Skill Development
Learn from experienced professionals in real-world scenarios with hands-on project experience.
Community Connection
Build relationships with the global OWASP community and network with security professionals.
Portfolio Building
Create tangible contributions to showcase your work on meaningful open source projects.
Career Growth
Gain experience and mentorship that can advance your career in cybersecurity and software development.
Resources
Mentors List
View the complete list of mentors on GitHub
Contributing Guide
Learn how to contribute to OWASP Nest
Code of Conduct
Understand community standards
Project Leaders
Meet the OWASP Nest leadership team
Contact
Join the Conversation
Connect with mentors and the community on OWASP Slack:
- #project-nest - Main project channel
- #gsoc - Google Summer of Code discussions
- #contribute - General contribution guidance