Who is the OWASP® Foundation?
The Open Web Application Security Project® (OWASP) is a nonprofit foundation that works to improve the security of software. Through community-led open-source software projects, hundreds of local chapters worldwide, tens of thousands of members, and leading educational and training conferences, the OWASP Foundation is the source for developers and technologists to secure the web.
- Tools and Resources
- Community and Networking
- Education & Training
For nearly two decades corporations, foundations, developers, and volunteers have supported the OWASP Foundation and its work. Donate, Join, or become a Corporate Member today.
Project Spotlight: OWASP Top 10

We are back again with yet another OWASP Spotlight series and this time we have a project which needs no introduction and I got the chance to interact with Andrew van der Stock, OWASP Foundation Executive Director and the project leader for OWASP Top 10.
The OWASP Top 10 is a book/referential document outlining the 10 most critical security concerns for web application security. The report is put together by a team of security experts from all over the world and the data comes from a number of organisations and is then analysed.
Featured Chapter: Sydney

OWASP Sydney Chapter Leadership are on fire! Ric Campo, Jack Guildford, and Sherry Liu took over the Sydney OWASP chapter in July 2020 and hit the ground running and have not looked back. See virtual meeting activity reach a new level. December started with OWASP Jingleton Hack for Beginners. This provided cybersecurity beginners with the opportunity to practice their skills and learn the basics of web application penetration testing. February experience their version of Hack the Box’s King of the Hill called “Fight Club.” This is a team event but if you do not have a team don’t worry. One will be found for you! See Meetup for all details.
OWASP Foundation to help government, electronic voting, defence, and critical infrastructure ISVs and contractors to modernize, collaborate, and secure their software and secure their supply chain
With the announcement today of the US Government’s Executive Order on “Improving the Nation’s Cybersecurity”, OWASP is working to establish vendor-neutral special interest groups to help organizations securely share information, rapidly adopt and adapt existing OWASP standards, projects, and tools such as the OWASP Application Security Verification Standard, the OWASP Mobile Testing Guide, OWASP Dependency Track to help secure the software supply chain, OWASP SAMM, and the OWASP Cheat Sheet Series. Adoption of OWASP standards and tooling can help government agencies, contractors and vendors rapidly comply with the EO today using OWASP’s trusted advice over the last 20 years, that already exists and is ready to go. There is more to be built, which is why we want to help industry, vendors, contractors, and agencies work together to improve the applicability of these standards to their particular use cases.
...read moreRecent OWASP News & Opinions
- Events Committee - call for volunteers, May 11, 2021
- New OWASP Fundraising Store, April 28, 2021
- OWASP Foundation Statement on Anti-Harassment, March 30, 2021
- 2021 March OWASP Call to Battle Post Event Wrap-up, March 16, 2021
Upcoming Conferences
- Brain Break, February 18, April 24, August 18, October 20, and December 16.
- Call to Battle, February 26, April 9, August 28, and December 7.
- OWASP Virtual Training Courses, March 9, May 25, June 15, July 20, September 7, and November 16.
- Lightning Conference, March 15, May 12, July 13, September 28, and November 3.