OWASP China-Mainland

Welcome to the China-Mainland chapter homepage. The chapter board is Rip, Dr. Wang Jie. Follow chapter news on WeChat Public Account by scanning QRCode with WeChat.

Celebrating OWASP’s 20th Anniversary

Chapter Supporters

Corporate Supporters

The following are the list of corporates who have generously aligned themselves with the OWASP China-Mainland chapter, therefore contributing funds to our chapter:

Academic Supporters

The following are the list of universities who have generously aligned themselves with the OWASP China-Mainland chapter, therefore supporting our chapter:

Media Supporters

The following are the list of media who have generously aligned themselves with the OWASP China-Mainland chapter, therefore supporting our chapter:

OWASP China-Mainland Leaders

Chapter Board

Chair: RIP 万振华

Vice Chair: Dr. Wang Jie 王颉

Community Manager: Ms. Xu Fei 许飞女士

Area Leaders

Anhui: Qian Junsheng 钱君生

Beijing: Chen Xinlong 陈新龙,Zhang Kun 张坤

Guangdong: Xiao Wendi 肖文棣,Liu Zhicheng 刘志诚

Guangxi: Cheng Yuanchong 程远冲,Guo Peigang 郭佩刚

Hainan: Wang Qiang 王强

Heilongjiang: Huang Junqiang 黄俊强

Jiling: Guo Zhenxin 郭振新

Jiangsu: Huang Shengchao 黄圣超

Liaoning: Ms. Wu Nan 吴楠女士

Neimenggu: Hu He 呼和,Liu Guoqiang 刘国强

Shaanxi: Ren Bolun 任博伦

Shanxi: Cao Xiaojun 曹晓俊

Shandong: McFord 张剑钟,Wang Qinglong 王青龙

Sichuan: Ma Wei 马伟

Shanghai: Wang Wenjun 王文君, Song Guohui 宋国徽

Zhejiang: Yuan Mingkun 袁明坤

OWASP China-Mainland Chinese Website

For more information about OWASP China-Mainland Chapter, please visit OWASP China website: http://www.owasp.org.cn/

Upcoming Events:

Speaking at OWASP China-Mainland Chapter Events

Call For Speakers

Call For Speakers is open - if you would like to present a talk on Application Security at future OWASP China-Mainland Chapter events - please review and agree with the OWASP Speaker Agreement and send the proposed talk title, abstract and speaker bio to the Community Manager via e-mail:


OWASP Statement on Participation

The Open Web Application Security Project (OWASP) - managed by the non-profit OWASP Foundation - works to improve the security of software. All of our projects, tools, documents, forums, and chapters are free and open to anyone interested in improving application security.

Chapters are led by local leaders in accordance with the Chapter Policy. Financial contributions should only be made online using the authorised online donation button. To be a SPEAKER at ANY OWASP Chapter in the world simply review the speaker agreement and then contact the local chapter leader with details of what OWASP Project, independent research, or related software security topic you would like to present.

Everyone is welcome and encouraged to participate in our Projects, Local Chapters, Events, Online Groups, and Community Slack Workspace. We especially encourage diversity in all our initiatives. OWASP is a fantastic place to learn about application security, to network, and even to build your reputation as an expert. We also encourage you to be become a member or consider a donation to support our ongoing work.

Past Events

OWASP China Shenzhen Day Event, Sofware Development and Supply Chain Security, Shenzhen, 2021/09/25


13:30-13:40 Opening Speech

13:40-13:50 Release of OWASP Top 10 2021 Chinese Version

13:50-14:00 Release of OWASP Go Secure Coding Practices Guide Chinese Version

14:00-14:30 Software Supply Chain Security and Toolchain

14:30-15:00 Software Supply Chain based Security Practices

15:00-15:30 Open Source Software Management

15:30-15:50 Tea Break

15:50-16:20 Tencent Cloud Security and DevSecOps

16:20-16:50 Construction of DevSecOps Delivery System

16:50-17:10 System Engineering of Software Supply Chain

17:10-17:40 Round Table Discussion: From the view of OWASP Top 2021 to Software Supply Chain

OWASP China Hefei Day Event, Digital Compliance, Hefei, 2021/12/04


OWASP DevSecOps Maturity Model

Open Source Component Risk Governace

DevSecOps-Based Mobile APP Compliance

Capability Build for Financial Security Person

Vulnerability Attack & Defend Practices of Next-Gen Security Technique

Talk about Forensics

OWASP China Shenzhen Day Event, Data Security and Best Practices, Shenzhen, 2021/09/25

Celebration of OWASP 20 Years Anniversary!

Close-door event for OWASP China selected members only.

Open discussion for Data Security, no particular talks set!


14:00-14:30 OWASP 20 Years Anniversary

14:30-14:35 Opening Speech

14:35-14:55 Raise the question

15:00-17:00 Open Discussion

OWASP China Hohhot Day Event, Hohhot, 2021/07/24

Event Agenda:

14:30-14:45 Opening Speech

14:45-15:00 About OWASP

15:00-15:30 Network Security Talent Training

15:30-16:00 Network Security Response Practices

16:00-16:30 Blackbox Pentesting Tricks

16:30-17:00 Research of AI-based IoT Forensics

17:00-17:30 From Anti-Virus to Threat Intelligence

OWASP China Guilin Day Event, Guilin, 2021/07/14

Event Agenda:

14:30-14:40 Opening Speech

14:40-15:10 Systematic Fusion for Secure and Efficiency of Software Development

15:10-15:40 Crptography based Data & Privacy Protection Method

15:40-15:50 Tea Break

15:50-16:20 Thinking in Enterprise Data Security Protection

16:20-16:50 QR Code Security Weaknesses and Countermeasures

16:50-17:20 Enterprise’s Strategies under Strong Supervision of Software Supply Chain Security

OWASP China Chongqing Day Event, Chongqing, 2021/06/23

Event Agenda:

14:00-14:20 Opening Speech

14:20-14:30 Introduction of OWASP

14:30-15:00 Software Code Secure Review

15:00-15:30 BSN Assists InforSec & DataSec

15:30-15:50 Tea Break

15:50-16:20 From the View of Software Testing to InfoSec

16:20-16:50 Software Supply Chain

16:50-17:20 Reverse Analysis of Dailylife App’s Common Functions

OWASP China Chengdu Day Event, Chengdu, 2021/07/24

Event Agenda:

13:30-13:40 Opening Speech

13:40-14:20 OWASP Dependency Track

14:20-15:00 How to make security no longer a stumbling block for DevOps?

15:00-15:15 Tea Break

15:15-15:55 Open source software governance

15:55-16:35 Best practices of security state aware

16:35-17:00 Round-table discussion

S-SDLC & DevSecOps, Shenzhen, Guangdong, Thursday, 2020/12/26

Event Agenda:

13:30 Introduction, Jie Wang

13:40 Talk 1 : “S-SDLC & DevSecOps, from the view of IT industry” - Kevin Gu

14:20 Talk 2 : “S-SDLC & DevSecOps, from the view of Financial industry” - Yixiang Liu

15:00 Tea Break

15:10 Talk 3 : “S-SDLC & DevSecOps, from the view of Software Engineering” - Jinghan Song

15:50 Talk 4 : “OWASP SAMM 2.0” - Jie Wang

16:30 Roundtable Discussion : “S-SDLC or DevSecOps, which one should be chosen?”

OWASP China-Mainland, Shanxi Area, Taiyuan, 2020/12/26

OWASP China-Mainland, Henan Area, Zhengzhou, 2020/01/04

OWASP China-Mainland, Beijing Area, Beijing, 2019/12/06

OWASP China-Mainland, Shanxi Area, Taiyuan, 2019/10/26

OWASP China-Mainland, Fujian Area, Fuzhou, 2019/08/31

OWASP China-Mainland, Liaoning Area, Shenyang, 2019/09/07

OWASP China-Mainland, Xinjiang Area, Urumqi,2019/07/26

OWASP China-Mainland, Guangdong Area, Shenzhen, 2019/05/18

OWASP China-Mainland, Hainan Area, Haikou, 2019/05/08

OWASP China-Mainland, Shanxi Area, Taiyuan, 2019/04/13

OWASP China-Mainland, Jiangsu Area, Changzhou, 2019/03/28

OWASP China-Mainland, Xinjiang Area, Urumqi, 2019/03/27

OWASP China-Mainland, Jilin Area, Changchun, 2019/03/16

OWASP China-Mainland, Shandong Area, Jinan, 2019/03/15

OWASP China-Mainland, Beijing Area, Beijing, 2019/01/12

OWASP China-Mainland, Shaanxi Area, Xian, 2019/01/11


Translation Projects

OWASP Top 10 Project

* OWASP Top 10 2021

* OWASP Top 10 2017

* OWASP Top 10 2013


OWASP ProActive Controls Project

OWASP Serveless Top 10 Project

OWASP Secure Code Quick Reference

OWASP Docker Top 10

OWASP Top 10 Privacy Countermeasures

OWASP Internet of Things


Innovation Projects

OWASP Secure Software Development Lifecycle Project

OWASP中国区块链安全Top 10 2019