This month, we are featuring root.io, a Platinum Corporate Supporter of OWASP, which specializes in automated container remediation. In this interview, we discuss the origins of root.io, root's use of OWASP materials and our impact on their operations, how they use software bill of materials with OWASP CycloneDX, and how you can get your project startup idea off the ground and some advice for future OWASP project entrepreneurs.
A huge thank you to all our Corporate Supporters! We will be featuring more corporate supporter stories in the coming months, so stay tuned!
OWASP x Google Summer of Code 2025 - Enabling 15 opportunities for impact
We’re proud to share that OWASP is once again an official mentoring organization for Google Summer of Code (GSoC) 2025—and this year, we’ve secured 15 contributor slots across some of the most impactful open-source security projects in the world.
This milestone reinforces OWASP’s ongoing commitment to open-source innovation and highlights the strength of our global community of mentors and contributors, as well as our commitment to education-by-doing with the GSoC program.
🔧 GSoC 2025: What’s on Deck?
Contributors will get hands-on experience improving and expanding some of OWASP’s most vital tools:
- Juice Shop – A globally-used, intentionally insecure web app for security training.
- Nettacker – A fast, automated network scanner built for vulnerability detection.
- Offensive Web Testing Framework (OWTF) – A smart framework for streamlined penetration testing.
- Bug Logging Tool (BLT) – A next-gen bug tracker focused on gamification to incentivize bug and security reporting.
- Nest – Core infrastructure to power and enable the OWASP projects and contributors ecosystem.
- PyGoat – A Python-based sandbox for learning and exposing security flaws in modern stacks.
- OpenCRE – A collaborative cybersecurity knowledge base & reference system.
🚀 What’s Next?
Selected contributors will begin collaborating with mentors to level up these tools and help push open-source security forward.
🙌 Thank You
Huge thanks to our project leads, mentors, contributors, and the OWASP community who made this year’s GSoC application a success. Let’s make this summer one to remember!
— Starr Brown & Fabio Cerullo, OWASP GSoC Admins
...read moreUpcoming at OWASP
flagship resources
let it grow with OWASP.
Recent OWASP News & Opinions
- OWASP Enables AI Regulation That Works with OWASP AI Exchange, May 6, 2025
- OWASP Calls to Build a Unified Framework for Global Vulnerability Intelligence, April 17, 2025
- ASVS 5.0 RC1 is ready for your review!, April 9, 2025
- OWASP Education and Training Committee update, March 6, 2025
Upcoming Conferences
- OWASP Global AppSec USA 2025 - Washington, DC, November 3-7, 2025
- OWASP Global AppSec EU 2026 - Vienna, November 2-6, 2026