Who is the OWASP^® Foundation?

The Open Worldwide Application Security Project^® (OWASP) is a nonprofit foundation that works to improve the security of software. Through community-led open-source software projects, hundreds of local chapters worldwide, tens of thousands of members, and leading educational and training conferences, the OWASP Foundation is the source for developers and technologists to secure the web.

Tools and Resources
Community and Networking
Education & Training

For nearly two decades corporations, foundations, developers, and volunteers have supported the OWASP Foundation and its work. Donate, Join, or become a Corporate Supporter today.

Project Spotlight: AI Security and Privacy Guide

AI Security and Privacy logo

AI applications are on the rise and so are the concerns regarding AI security and privacy. How can AI systems be attacked? How can they be protected? This is why OWASP is now offering the AI security & privacy guide - to provide clear and actionable insights on designing, creating, testing, and procuring secure and privacy-preserving AI systems. By open-sourcing our understanding of the state-of-the-art, we can create consensus and collect ideas from a variety of perspectives.

OWASP 2023 Global AppSec DC

Registration Open!

Join us in Washington DC, USA Oct 30 - Nov 3, for leading application security technologies, speakers, prospects, and community, in a unique event that will build on everything you already know to expect from an OWASP Global Conference.

Designed for private and public sector infosec professionals, the two-day OWASP conference followed by three days of training equips developers, defenders, and advocates to build a more secure web. Join us for leading application security technologies, speakers, prospects, and the community, in a unique event that will build on everything you already know to expect from an OWASP Global Conference.

OWASP @ RSA

Grant Ongers, May 5, 2023

OWASP was invited to RSA this year and given both a table in the exhibitor hall and a whole morning track upstairs from the hall. Several board members made the trip out and we manned the booth and presented there.

The booth in the exhibitor hall was not huge and in traditional OWASP style it was not ostentatious, however, it did have loads of OWASP branded swag that turned out to be very popular with the attendees. We had over a 1,000 conversations at RSA this year and (almost) everyone knew who we were,¹ and they were all very happy to see us.

There was one person who didn’t, but he worked AV and was trolling the vendor hall looking for swag. He did leave enlightened however (and with a beach-ball for his kids)! ↩

Recent OWASP News & Opinions

Strategic direction of OWASP (part 1), March 31, 2023
GSuite Account Cleanup, March 23, 2023
Resignation of Mark Curphey, March 20, 2023
Strategic Plan 2023 - an update for the open letter, March 10, 2023

Upcoming Conferences

OWASP Global AppSec Singapore 2023, October 4-5, 2023
OWASP Global AppSec Washington DC 2023, October 30 - November 3, 2023
OWASP Global AppSec San Francisco 2024, September 23-27, 2024
OWASP Global AppSec Washington DC 2025, November 3-7, 2025