Who is the OWASP® Foundation?

The Open Web Application Security Project® (OWASP) is a nonprofit foundation that works to improve the security of software. Through community-led open-source software projects, hundreds of local chapters worldwide, tens of thousands of members, and leading educational and training conferences, the OWASP Foundation is the source for developers and technologists to secure the web.

  • Tools and Resources
  • Community and Networking
  • Education & Training

For nearly two decades corporations, foundations, developers, and volunteers have supported the OWASP Foundation and its work. Donate, Join, or become a Corporate Member today.

Project Spotlight: Mobile Security Testing Guide


The OWASP Mobile Security Testing Guide (MSTG) is a comprehensive manual for mobile app security testing and reverse engineering for the iOS and Android platforms, describing technical processes for verifying the controls listed in the MSTG’s co-project Mobile Application Verification Standard (MASVS). The MASVS defines a mobile app security model and lists generic security requirements for mobile apps, while the MSTG serves as a baseline for manual security testing and as a template for automated security tests during or after development. Included with the MSTG, the Mobile Security Hacking Playground is a collection of iOS and Android mobile apps that are intentionally built insecure. These apps are used as examples to demonstrate different vulnerabilities explained in the MSTG. Learn more about the MSTG and the MASVS.

Bay Area Chapter Meeting

Hosted at some of most iconic technology companies in the world, the Bay Area chapter is one of the Foundation’s largest and most active. This month they are hosting a Hacker Day and monthly meetups in San Francisco at Insight Engines and in South Bay at EBay. Usually the agenda includes three proactive and interesting talks, lots of interesting people to meet, and great food. The Bay Area Chapter also participates in planning AppSec California.

Kelly Santalucia appointed as Director of Events and Corporate Support


Andrew van der Stock, January 18, 2021

It is my pleasure to announce Kelly Santalucia’s appointment as OWASP’s Director of Events and Corporate Support, effective January 1, 2021. In December 2020, our previous Events Director, Emily Berman, chose to move on to a new events opportunity, and I thank her for her efforts during her tenure.

I am honored and excited to serve the OWASP Community as your Director of Events and Corporate Support. I have been a team member of the Foundation for over ten years. I began my journey here at OWASP as the NYC local chapter coordinator under Tom Brennan’s leadership. Shortly after, an opportunity became available, and I joined the OWASP global staff as the Foundations Membership and Business Liaison. As the years progressed, I moved into the Senior Manager of Sponsorship and Membership role, followed by the Director of Corporate Support and, most recently, the Director of Events and Corporate Support.

...read more

Recent OWASP News & Opinions

Upcoming Conferences

  • ,
  • ,
  • ,