Who is the OWASP® Foundation?
The Open Worldwide Application Security Project® (OWASP) is a nonprofit foundation that works to improve the security of software. Through community-led open-source software projects, hundreds of local chapters worldwide, tens of thousands of members, and leading educational and training conferences, the OWASP Foundation is the source for developers and technologists to secure the web.
- Tools and Resources
- Community and Networking
- Education & Training
For nearly two decades corporations, foundations, developers, and volunteers have supported the OWASP Foundation and its work. Donate, Join, or become a Corporate Member today.
In 2022 you may have seen or participated in one or more of our four online Developer training sessions led by Mr. Jim Manico. Jim is the Founder, CEO, and Application Security Educator at Manicode Security. He has been an OWASP Volunteer since 2008 and a former OWASP Global Board Member.
Last year, Jim went above and beyond to continue his selfless support for the OWASP Foundation. He graciously offered to provide four virtual online training sessions for OWASP, with all proceeds donated back to OWASP. The four trainings wrapped up with 167 students, generating over $90k in profit!
Training sessions were rotated around the globe to accommodate all time zones, and although it was a virtual training, it was presented live. Students could chat with each other and Jim and ask questions in real-time.
On behalf of the OWASP Foundation, thank you, Jim, for your continued support throughout the years, especially in 2022.
Watch for more OWASP Virtual Training courses coming to you in 2023.
Project Spotlight: AI Security and Privacy Guide
AI applications are on the rise and so are the concerns regarding AI security and privacy. How can AI systems be attacked? How can they be protected? This is why OWASP is now offering the AI security & privacy guide - to provide clear and actionable insights on designing, creating, testing, and procuring secure and privacy-preserving AI systems. By open-sourcing our understanding of the state-of-the-art, we can create consensus and collect ideas from a variety of perspectives.
OWASP 2023 Global AppSec DC
Registration Open!
Join us in Washington DC, USA Oct 30 - Nov 3, for leading application security technologies, speakers, prospects, and community, in a unique event that will build on everything you already know to expect from an OWASP Global Conference.
Designed for private and public sector infosec professionals, the two-day OWASP conference followed by three days of training equips developers, defenders, and advocates to build a more secure web. Join us for leading application security technologies, speakers, prospects, and the community, in a unique event that will build on everything you already know to expect from an OWASP Global Conference.
GSuite Account Cleanup
Today, we crossed 10,000 accounts in our GSuite instance. This is a great milestone, but it also means that we have no more seats to give to new members. We currently have 6600 financial members, so there are 3400 expired members today. We need to do a spring clean.
We will be deleting old accounts of long-expired members, initially those that are more than three years out of date. So if you’ve let your membership expire before March 2020, your data will be gone. This will affect 1400 accounts initially.
...read moreRecent OWASP News & Opinions
- Resignation of Mark Curphey, March 20, 2023
- Strategic Plan 2023 - an update for the open letter, March 10, 2023
- OWASP Foundation Announces CycloneDX Project Momentum with Contribution from IBM to Advance Software Supply Chain Security, March 1, 2023
- OWASP Low-Code/No-Code Top 10 Upcoming Meetup, February 15, 2023
Upcoming Conferences
- OWASP Global AppSec Singapore 2023, October 3-4, 2023
- OWASP Global AppSec Washington DC 2023, October 30 - November 3, 2023
- OWASP Global AppSec San Francisco 2024, September 23-27, 2024
- OWASP Global AppSec Washington DC 2025, November 3-7, 2025