Who is the OWASP® Foundation?
The Open Web Application Security Project® (OWASP) is a nonprofit foundation that works to improve the security of software. Through community-led open-source software projects, hundreds of local chapters worldwide, tens of thousands of members, and leading educational and training conferences, the OWASP Foundation is the source for developers and technologists to secure the web.
- Tools and Resources
- Community and Networking
- Education & Training
For nearly two decades corporations, foundations, developers, and volunteers have supported the OWASP Foundation and its work. Donate, Join, or become a Corporate Member today.
Project Spotlight: OWASP SAMM
OWASP Software Assurance Maturity Model (SAMM) makes software security measurable. Once you can measure it, you can manage it. So it allows one to actually manage a secure software program in an organization. SAMM helps any application security manager or security champion to understand where they are in terms of activities and also what they can do moving forward. It helps one to create a roadmap and to improve and demonstrate security activities are performed.
Software in each of the business functions of an organisation have a couple of security practices and each of these security practices have a couple of activities with an increasing level of maturity. The model provides the framework to know what kind of activities and practices one needs to look at in terms of software security.
Featured Chapter: Sydney
OWASP Sydney Chapter Leadership are on fire! Ric Campo, Jack Guildford, and Sherry Liu took over the Sydney OWASP chapter in July 2020 and hit the ground running and have not looked back. See virtual meeting activity reach a new level. December started with OWASP Jingleton Hack for Beginners. This provided cybersecurity beginners with the opportunity to practice their skills and learn the basics of web application penetration testing. February experience their version of Hack the Box’s King of the Hill called “Fight Club.” This is a team event but if you do not have a team don’t worry. One will be found for you! See Meetup for all details.
20th Anniversary Event Call for Speakers
The OWASP Foundation is proud to announce our 20th Anniversary on September 24, 2021. For two decades, OWASP Foundation has served the application security and devsecops industries as a leader in open source information, industry leading projects, and a global community of peers.
With a year of celebration ahead, the Event team is excited to join this effort by announcing a special 20th Anniversary Virtual Event: Securing the Next 20 Years. The event will be held on September 24th and feature 24-hours of speakers from around the globe broadcasting across all timezones. The event will encompass a message of future forward thinking, influences from our history, and hot topics relevant today.
...read moreRecent OWASP News & Opinions
- Help the OWASP SCVS Project, March 5, 2021
- OWASP 20th Anniversary kicks off!, March 3, 2021
- February COVID Restrictions Update, February 26, 2021
- Brain Breaks Recap, February 24, 2021
Upcoming Conferences
- Brain Break, February 18, April 20, June 23, August 18, October 20, and December 16.
- Call to Battle, February 26, April 9, August 27, and December 7.
- OWASP Virtual Training Courses, March 9, May 25, June 15, July 13, September 7, and November 3.
- Lightning Conference, March 15, May 12, July 20, September 28, and November 16.