Opinions & News
Check back here for weekly news and opinions from OWASP leadership, staff, and community members.
Monday, June 29, 2020
It is with great pleasure that the OWASP Foundation announces that as per today, Monday 29th June 2020 we will have a new, full time, Executive Director (ED), selected from within our own ranks. As per this date Andrew van der Stock will officially take on the role of the ED for the Foundation on a permanent basis.
Andrew is well known to many in the OWASP Community for both his hard work on a number of key OWASP Projects (including the OWASP Top Ten and the OWASP ASVS) as well as for his time on the Global Board of Directors, representing the OWASP Community from 2015 to 2018. He brings years of AppSec experience to the role as well as his breadth of experience managing organisational units. We are sure he will bring this to his new role in the Foundation and will be a great ED.... more
Monday, June 8, 2020
Virtual AppSec Days April 2020 was a hit! Over 1,800 participated in the week-long event. Highlights included a free lightning conference, 11 training courses, and a 48 hour Capture the Flag competition.
The OWASP Foundation set out to bring the community together and provide alternative education in these uncertain times. We were able to do this economically for participants thanks to our generous sponsors, without whom, this event would not have been possible.
Thank you to Acunetix, DevSecOps Academy, Netsparker, and ZeroNorth! These sponsors not only helped keep the conference affordable but also gave away over $800 in prizes to participants.... more
Thursday, June 4, 2020
Join 24 chapters around the globe for a 24 hour long back-to-back virtual chapter meetup. The entire event will be livestreamed on YouTube from 16 countries. The schedule of those talks is available here.
The OWASP Leaders List is a mailing list populated by either Chapter or Project Leaders or folks who previously held those positions. The mailing list is a busy place and ideas flow there regularly - because the folks on that list are good folks with great ideas.
Sometimes an idea hits the list that requires real work to happen and this initiative was one of those fortunately there were plenty of volunteers to step up and make it happen.... more
Tuesday, April 7, 2020
The OWASP Foundation is excited to announce the launch of Virtual AppSec Days. Taking place later this month, we have an entire week of virtual activities planned, to engage, educate, and entertain our community.
The event will begin on April 27 with a virtual mini-conference; a free 90-minute session consisting of three 20-minute lightning talks by AppSec industry leaders.... more
Tuesday, March 17, 2020
live from the beach of Cancun at the OWASP Projects Summit was a really
unique event. The summit allowed us to really concentrate on some larger
long-term ideas we had.
Thursday, March 12, 2020
Following recent developments within Ireland, throughout Europe, and worldwide relating to COVID-19, the OWASP Foundation has made the difficult, but considered decision, to postpone the Global AppSec Dublin set to take place June 15-19.
We take pride in offering a premier experience for our attendees and sponsors and we can no longer guarantee that event quality. Nor can we ethically put our community’s health and safety at risk. Therefore we have secured dates at the Convention Center Dublin to hold the Global AppSec Dublin on February 15-19, 2021.... more
Tuesday, February 18, 2020
Are you a thought leader in AppSec with a unique idea to share with the greater OWASP community? We are looking for new, innovative, compelling content for our Global AppSec in Dublin this June. Application Security leaders, software engineers, and researchers from all over the world gather at Global AppSec conferences to drive visibility and evolution in the safety and security of the world’s software, as well as to network, collaborate, and share the newest innovations in the field.... more
Tuesday, February 11, 2020
The OWASP SAMM™ (Software Assurance Maturity Model) is a community-led open-sourced framework that allows teams and developers to assess, formulate, and implement strategies for better security which can be easily integrated into an existing organizational Software Development Life Cycle (SDLC).... more
Wednesday, January 15, 2020
For the better part of the last nine months, a small dedicated team has been working to complete a project that has been started, restarted, abandoned, restarted, and then again abandoned: migrating our 7,000 or so page website curated by over 3,000 content editors from MediaWiki to GitHub Pages. As I like to now say, “when you spend 15 years digging a deep hole, don’t expect to dig your way out in a week.” And in all honesty this is not the finish line, but the starting line for the OWASP Foundation in this new decade.... more
Tuesday, December 3, 2019
Want to help plan our next Global AppSec event? OWASP is excited to announce the launch the Global AppSec Program Team. These teams will be responsible for selecting the program and training offerings for the Global AppSecs and will be comprised of volunteers from all around either Europe or North America. Be sure to apply to volunteer before the end of the year!... more
Wednesday, November 20, 2019
As the foundation moves toward the migration of the OWASP web presence from the old wiki site to our new GitHub-hosted home, some of you may still have questions regarding what to move and how to move it. Essentially, if you have a chapter page or project page and you have not migrated it to the new website, that would be first. Steps on what to do and what is needed can be found at https://owasp.org/migration There are also some minor instructions on the... more
Tuesday, July 2, 2019
OWASP ZAP Releases V2.8.0 With the Heads Up Display
Heads Up Display simplifies and improves vulnerability testing for developers
SAN FRANCISCO–(BUSINESS WIRE)–OWASP™ ZAP (Open Web Application Security Project™ Zed Attack Proxy) has released a new version of its leading ZAP Project which now includes an innovative Heads Up Display (HUD) bringing security information and functionality right into the browser. Now software developers can interactively test the reliability and security of their applications in real time while controlling a wide variety of features designed to test the quality of their software.... more
Wednesday, June 12, 2019
Blog post example content. Talk about using GitHub for the new website. More text to follow in a second here. Describe the functionality and the awesome CSS. New blog post example content. Talk about using GitHub for the new website. More text to the awesome CSS. blog post example content. Talk 12345 about using GitHub for the new website. More text to follow in a second here. Talk about using GitHub for the new website. More text to follow in a second here. and the awesome CS word log …... more