Who is the OWASP Foundation?
The Open Web Application Security Project (OWASP) is a nonprofit foundation that works to improve the security of software. Through community-led open source software projects, hundreds of local chapters worldwide, tens of thousands of members, and leading educational and training conferences, the OWASP Foundation is the source for developers and technologists to secure the web.
- Tools and Resources
- Community and Networking
- Education & Training
For nearly two decades corporations, foundations, developers, and volunteers have supported the OWASP Foundation and its work. Donate, Join, or become a Corporate Member today.
Project Spotlight: Mobile Security Testing Guide
The OWASP Mobile Security Testing Guide (MSTG) is a comprehensive manual for mobile app security testing and reverse engineering for the iOS and Android platform, describing technical processes for verifying the controls listed in the MSTG’s co-project Mobile Application Verification Standard (MASVS). The MASVS defines a mobile app security model and lists generic security requirements for mobile apps while the MSTG serves as a baseline for manual security testing and as a template for automated security tests during or after development. Included with the MSTG, the Mobile Security Hacking Playground is a collection of iOS and Android mobile apps, that are intentionally built insecure. These apps are used as examples to demonstrate different vulnerabilities explained in the MSTG. Learn more about the MSTG and the MASVS.
Featured Chapter: Bay Area
Hosted at some of most iconic technology companies in the world, the Bay Area chapter is one of the Foundation’s largest and most active. This month they are hosting a Hacker Day and monthly meetups in San Francisco at Insight Engines and in South Bay at EBay. Usually the agenda includes three proactive and interesting talks, lots of interesting people to meet, and great food. The Bay Area Chapter also participates in planning AppSec California.
Virtual AppSec Days Summer of Security 2020
Virtual AppSec Days April 2020 was a hit! Over 1800 participated in the week-long event. Highlights included a free lightning conference, 11 training courses, and a 48 hour Capture the Flag competition.
The OWASP Foundation set out to bring the community together and provide alternative education in these uncertain times. We were able to do this economically for participants thanks to our generous sponsors, without whom, this event would not have been possible.
Thank you to Acunetix, DevSecOps Academy, Netsparker, and ZeroNorth! These sponsors not only helped keep the conference affordable but also gave away over $800 in prizes to participants.
...read moreRecent OWASP News & Opinions
- Virtual AppSec Days April 2020, April 7, 2020
- OWASP Juice Shop v10.0.0 released, March 17, 2020
- Global AppSec Dublin postponed to 2021, March 12, 2020
- Dublin Call for Papers and Trainers, February 18, 2020
Upcoming Conferences
- BlackHat USA 2020, August 1-8, 2020
- DefCon Safe Mode, Aug. 7 - 9, 2020
- BlackHat Asia 2020 (New Date), Sept.29 - Oct 2, 2020
- Global AppSec San Francisco, October 19-23, 2020