Who is the OWASP® Foundation?
The Open Web Application Security Project® (OWASP) is a nonprofit foundation that works to improve the security of software. Through community-led open-source software projects, hundreds of local chapters worldwide, tens of thousands of members, and leading educational and training conferences, the OWASP Foundation is the source for developers and technologists to secure the web.
- Tools and Resources
- Community and Networking
- Education & Training
For nearly two decades corporations, foundations, developers, and volunteers have supported the OWASP Foundation and its work. Donate, Join, or become a Corporate Member today.
Project Spotlight: OWASP Top 10
We are back again with yet another OWASP Spotlight series and this time we have a project which needs no introduction and I got the chance to interact with Andrew van der Stock, OWASP Foundation Executive Director and the project leader for OWASP Top 10.
The OWASP Top 10 is a book/referential document outlining the 10 most critical security concerns for web application security. The report is put together by a team of security experts from all over the world and the data comes from a number of organisations and is then analysed.
OWASP 2022 Global AppSec European Virtual Event
Registration Now Open!
Join us virtually June 6-10, 2022, for leading application security technologies, speakers, prospects, and community, in a unique event that will build on everything you already know to expect from an OWASP Global Conference.
Roadmap to version 5.0 of the OWASP ASVS project

On behalf of the OWASP ASVS leadership team, we are excited to publicise the objectives and roadmap for the upcoming version 5.0 of the flagship OWASP Application Security Project. We are hoping to be able to release a final version by the end of the year but there is a lot to do and we need your help!
Our first milestone is the end of May by when we would like to have as much feedback as possible on the current standard so as to start planning how the next version will look.
You may wish to read through the full objectives and roadmap document (or keep reading this post), review the current “bleeding edge” version of the ASVS document, and check out our guide to contributing which also includes guidance of the process to go through to provide feedback.
Whilst following that guidance, you are then welcome to respond to existing issues or open a new issue if your topic has not previously been raised.
...read moreRecent OWASP News & Opinions
- OWASP Members - submit your views to our bylaw survey for a chance to win an AppSec Virtual or AppSec Global pass, April 12, 2022
- Security Journey Provides Free Application Security Training Environment for OWASP Members, April 7, 2022
- OWASP Leader Town Halls - Leaders as Members, March 28, 2022
- OWASP Membership Data Cleanup - please verify your membership, March 25, 2022
Upcoming Conferences
- OWASP 2022 Global AppSec Europe Virtual Event, June 6-10, 2022 GMT+1
- OWASP 2022 Global AppSec AsiaPac Virtual Event, August 29 - September 1, 2022 Singapore Time (SGT)
- OWASP September Webinar, September 22-23, 2022 Eastern Daylight Time (EDT)
- OWASP October Webinar, October 11-12, 2022 Australian Western Standard Time (AWST)