Who is the OWASP® Foundation?
The Open Web Application Security Project® (OWASP) is a nonprofit foundation that works to improve the security of software. Through community-led open-source software projects, hundreds of local chapters worldwide, tens of thousands of members, and leading educational and training conferences, the OWASP Foundation is the source for developers and technologists to secure the web.
- Tools and Resources
- Community and Networking
- Education & Training
For nearly two decades corporations, foundations, developers, and volunteers have supported the OWASP Foundation and its work. Donate, Join, or become a Corporate Member today.
Project Spotlight: OWASP Top 10
We are back again with yet another OWASP Spotlight series and this time we have a project which needs no introduction and I got the chance to interact with Andrew van der Stock, OWASP Foundation Executive Director and the project leader for OWASP Top 10.
The OWASP Top 10 is a book/referential document outlining the 10 most critical security concerns for web application security. The report is put together by a team of security experts from all over the world and the data comes from a number of organisations and is then analysed.
Featured Event: OWASP Global AppSec US 2021
Global AppSec US Virtual 2021 returns Nov. 11-12, 2021. Designed for private and public sector infosec professionals, the two day OWASP conferences equip developers, defenders, and advocates to build a more secure web.
Join us for leading application security technologies, speakers, prospects, and community, in a unique event that will build on everything you already know to expect from an OWASP Global Conference.
End of year thank you! Corporate Membership or Donations, 20th Anniversary keynotes, Distinguished Lifetime Members, Waspy Awards, Multi-Factor Authentication, oh my!
This year has been extremely challenging, and it looks like 2022 will be more of the same. But in the meantime, we have had some amazing successes, and I want to celebrate them. So here’s a very overdue and yet still timely end of year blog blow out!
Read on to learn about our end of year Donation and Corporate membership drive, 20th Anniversary keynotes, Distinguished Lifetime Members and WASPY Awards announcements, and lastly how we intend to implement multi-factor authentication by the end of Q1 2022.
...read moreRecent OWASP News & Opinions
- OWASP Core Ruleset Project announces Coraza SecLang engine, December 22, 2021
- Project Update Request - Log4J, December 13, 2021
- PurpleTeam TLS Tester Implementation, December 1, 2021
- Please register for a Events Town Hall option in your timezone, November 10, 2021
Upcoming Conferences
- OWASP Career Fair, February 22, 2022 Eastern Standard Time (EST)
- OWASP March Webinars, March 7, 2022 Mountain Standard Time (MTS)
- OWASP April Webinar, April 12-13, 2022 Moscow Standard Time (MSK)
- OWASP 2022 Global AppSec Europe Virtual Event, June 6-10, 2022