This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit

CISO AppSec Guide: About OWASP

Jump to: navigation, search

< Back to the Application Security Guide For CISOs



OWASP is a global open community dedicated to enabling organizations to develop, purchase, and maintain applications that can be trusted. OWASP builds documents, tools, teaching environments, guidelines, checklists, and other materials to help organizations improve their capability to produce secure code. All of the OWASP tools, documents, forums, and chapters are free and open to anyone interested in improving application security.

OWASP was formed in 2001, in an entirely organic fashion, when a group of security professionals came to realize how terribly insecure the way we develop our web applications was. The initial goal was deemed to be modest: write a guide for developers, which would document secure software development practices. While the initial effort was meant to last a few weeks, it came out to several hundred pages. When released, the OWASP Guide to Building Secure Web Applications was an instant success. The OWASP Guide Series now encompasses six documents.

OWASP is a place where good people gather to help increase the awareness of the security problems in applications. It is a grass-roots effort, with the driving force being the people who are dealing with these problems every day, and wanting to lend a hand to change the situation for the better. The OWASP Foundation is a not-for-profit entity that ensures the project's long-term success.

The OWASP Foundation is a US 501(c)(3) not-for-profit organization. OWASP Europe VZW is a non-profit organization registered in Belgium.


Everyone is welcome to participate in our forums, projects, chapters, and conferences. OWASP is a fantastic place to learn about application security, to network, and even to build your reputation as an expert. All OWASP's documents, tools and other resources are published using open source licenses, and are available free of charge.

Local Chapters

OWASP has almost 200 local chapters around the world. Chapter meetings are always free to attend, are vendor neutral and the presentations are made available free-of-charge on each chapter's web page. The meetings help foster local discussion of application security around the world.

To find your nearest local chapter, information on how to start a new one, and how to run a chapter see and

AppSec Conferences

For the last ten years, OWASP AppSec conferences bring together industry, government, security researchers, and practitioners to discuss the state of the art in application security. Global AppSec conferences are held annually in North America, Latin America, Europe, and Asia Pacific. Additionally, regional events are held in locations such as Brazil, China, India, Ireland, Israel, and Washington D.C. Presentation slides and video recordings are available free of charge on the OWASP website after each conference.

For upcoming global and regional events see


To find almost 80 national and international Legislation, standards, guidelines, committees and industry codes of practice that refer to OWASP see

Helping to Support OWASP's Mission

Many organizations have been corporate or education supporters. many more have encourage their employees to contribute time and resources to OWASP Projects.

OWASP has also produced six guidance documents for other groups, suggesting how they could best support OWASP's mission. These are known as the OWASP Application Security Codes of Conduct, for government bodies, educational institutions, standards groups, trade organizations, certifying bodies, and development organizations. The Codes of Conduct can be downloaded from the project page


Our global address for general correspondence is:

FAO Kate Hartmann
OWASP Foundation
1200-C Agora Drive, #232
Bel Air, MD 21014
United States

The European correspondence address is below:

Leinstraat 104A
B-9660 Opbrakel

Or phone Kate Hartmann at +1 301-275-9403 or use the contact form at