Who is the OWASP® Foundation?

The Open Web Application Security Project® (OWASP) is a nonprofit foundation that works to improve the security of software. Through community-led open-source software projects, hundreds of local chapters worldwide, tens of thousands of members, and leading educational and training conferences, the OWASP Foundation is the source for developers and technologists to secure the web.

  • Tools and Resources
  • Community and Networking
  • Education & Training

For nearly two decades corporations, foundations, developers, and volunteers have supported the OWASP Foundation and its work. Donate, Join, or become a Corporate Member today.

Project Spotlight: OWASP Top 10

Top 10 Logo

We are back again with yet another OWASP Spotlight series and this time we have a project which needs no introduction and I got the chance to interact with Andrew van der Stock, OWASP Foundation Executive Director and the project leader for OWASP Top 10.

The OWASP Top 10 is a book/referential document outlining the 10 most critical security concerns for web application security. The report is put together by a team of security experts from all over the world and the data comes from a number of organisations and is then analysed.

Read more..

OWASP's 20th Anniversary Event Celebration

Join us September 24 for 24-hours as we honor the past, celebrate the present and embrace the future of OWASP and cybersecurity. Hear from world renowned keynotes and special speakers, network with your peers and interact with our event sponsors. With an anticipated 10k+ attendees from around the world, you will not want to miss this live on-line event! Our program will be announced soon and sponsorships are now being accepted!

Read more..

OWASP Mobile Security Testing Guide Release


Sven Schleier, July 29, 2021

Earlier this week we (Carlos Holguera and myself) created a new release of the OWASP Mobile Security Testing Guide!

For this release we adapted the document build pipeline from the OWASP Mobile AppSec Verification Standard (MASVS) and can now automatically create a release for the MSTG as PDF, docx and ePub which allows us to release more frequently. If you are interested in the magic behind it, you can find the Github Action of the release here

We want to thank:

  • Jeroen Beckers for all the continuous support and his valuable input for the OWASP MSTG project in general,
  • Jeroen Willemsen for all the support in the last year to get us on the right track for the build pipeline and
...read more

Recent OWASP News & Opinions

Upcoming Conferences