This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "Main Page"

From OWASP
Jump to: navigation, search
 
(389 intermediate revisions by 21 users not shown)
Line 1: Line 1:
<!-- ---------- BEGINNING OF HEADER SECTION -------------------------- -->
+
<div style="float:left;width:50%;">
{|style="width:100%; background-color:#eeeeff; border: 1px solid #ccc"
+
<iflanguage is="en">
|<div style="text-align:center;margin-top:10px;font-weight:bold;font-size:180%">Welcome to OWASP</div>
+
<div style="font-weight:bold;font-size:162%;border:none;margin: 0;color:#000">'''[[About The Open Web Application Security Project|OWASP&trade; Foundation]]'''</div><div style="top:+0.2em;font-size: 95%">the free and open software security community</div>
<div style="text-align:center;margin-bottom:10px;font-weight:bold;font-size:120%">The Open Web Application Security Project</div>
+
</iflanguage>
<div>The Open Web Application Security Project (OWASP) is dedicated to finding and fighting the causes of insecure software. Our open source projects and local chapters produce free, unbiased, open-source documentation, tools, and standards. The OWASP community also facilitates conferences, local chapters, articles, papers, and message forums. The OWASP Foundation, a not-for-profit charitable organization, ensures the ongoing availability and support for our work. Participation in OWASP is free and open to all, as are all the materials here.
+
<iflanguage is="es">
<div style="width:100%;text-align:right;font-size:85%;">[[Special:Statistics|{{NUMBEROFARTICLES}} articles]]</div>
+
<div style="font-weight:bold;font-size:162%;border:none;margin: 0;color:#000">'''[[About The Open Web Application Security Project/es|The OWASP Foundation]]'''</div><div style="top:+0.2em;font-size: 95%">la comunidad libre y abierta sobre seguridad en aplicaciones</div>
 +
</iflanguage>
 +
</div>
 +
 
 +
<div style="float:right;">
 +
[[Image:OWASP_Donations_Banner.jpg|300px|link=https://owasp.org/donate]]<br />
 +
</div>
 +
<!--<div style="width:100%;border-top:1px solid;border-bottom:1px solid;">[[Image:Coverphoto(2).png|1000px|center]]</div>-->
 +
<center>
 +
{| style="width:100%;background:none;"
 +
| style="font-size:95%;text-align:left;color:#000" |[https://myowasp.force.com Member Portal] '''·''' [[About The Open Web Application Security Project|About]] '''·'''  [[Searching|Searching]] '''·''' [[Tutorial|Editing]] '''·''' [[How to add a new article|New Article]]  '''·'''  [[OWASP Categories]] '''·''' [https://owasporg.atlassian.net/servicedesk/customer/portal/7/group/18/create/72 Contact Us]
 +
| style="font-size:95%;padding:10px 0;margin:0px;text-align:right;color:#000" [[Special:Statistics|Statistics]] '''·'''  [https://www.owasp.org/index.php?title=Special:Recentchanges&limit=100&hidebots=0 Recent Changes]
 
|}
 
|}
 +
</center>
 +
<hr />
 +
<!-- BANNER IMAGE -->
 +
<!-- Save it for next time <div style="width:80%;height:auto;">
 +
  <div><h2>JOIN US AT GLOBAL APPSEC AMSTERDAM 2019!</h2></div> 
 +
  <div class="res-img">[[File:GlobalAppSecAMS1200x600.png | link=#]]   
 +
  </div>
 +
  <div style="position:absolute;left:15%;margin-top:-8%;text-align:center;">[https://www.regonline.com/registration/Checkin.aspx?EventId=2568596<span style="color:white;font-size:2em;font-weight:bold;">Register Here</span>]</div>
 +
</div>-->
 +
<!-- Main Content -->
 +
{| style="width:100%;border-spacing:8px;margin:0px -8px"
  
==Participation==
+
<!-- Start of left-column -->
 +
| class="MainPageBG" style="width:50%;border:1px solid #cedff2;background-color:#f5faff;vertical-align:top" |{{Main Left Panel}}
  
We invite you to join us. If your organization is using OWASP materials, please support our efforts by [[Membership|becoming a member]]. There is no obligation to become a member to use our materials or participate in the application security community. Yet we rely on your organizations' memberships to make OWASP happen. Don't miss your chance to support what we're trying to accomplish. As a 501c3 not-for-profit, all membership dues go to supporting OWASP activities.
+
<!-- Start of right-column -->
 +
| class="MainPageBG" style="width:30%;border:1px solid #cedff2;background-color:#f5faff;vertical-align:top" |{{Main Right Panel}}
  
==Upcoming Events==
+
<!-- End of Main Content -->
 
+
|}
Events events events
 
 
 
==What You'll Find Here==
 
 
 
Whether you're just [[Getting Started]] in application security or you're an expert, there's information here for you. Find out about [[:Category:Vulnerability|Application Vulnerability Areas]], [[:Category:Countermeasure|Countermeasures]], [[Threat Modeling]], [[:Category:Activity|Secure Development Lifecycle]], and how to build secure applications on platforms like [[:Category:Java|J2EE]], [[:Category:.NET|.NET]], [[Category:PHP|PHP]], and more.
 
 
 
There are also lots of [[:Category:OWASP Download|materials]] available for download. There are [[:Category:OWASP Tool|Tools]], [[:Category:OWASP Paper|Technical Papers]], [[:Category:OWASP Presentation|Presentations]], [[:Category:OWASP Video|Videos]], [[:Category:OWASP Template|Templates]], [[:Category:OWASP Checklist|Checklists]], and more. All OWASP materials are free and licensed under an approved open source license. Some of our most popular downloads include:
 
 
 
* The [[OWASP Guide Project|Guide to Building Secure Web Applications and Web Services]] book
 
* The [[OWASP WebScarab Project|WebScarab]] web application and web service penetration testing tool
 
* The [[OWASP WebGoat Project|WebGoat]] web application security training environment
 
* The [[OWASP Top Ten|Top Ten Most Critical Web Application Security Vulnerabilities]] awareness paper
 
* [[:Category:OWASP Download|more...]]
 
 
 
==OWASP Projects==
 
 
 
OWASP has a variety of [[:Category:OWASP Project|Projects]] underway to advance the state of the art in different areas of application security. Anyone can join our projects and help out. All you have to do is [[:Category:OWASP Project|choose]] a project and request a task. A few of the projects that need help right now:
 
 
 
* The [[OWASP AJAX Security Project|AJAX Security Project]] is looking for writers and developers
 
* The [[OWASP WebGoat Project|WebGoat Project]] needs a lesson on AJAX security
 
* The [[OWASP Guide Project|Guide Project]] needs reviewers for version 2.2
 
 
 
==OWASP Community==
 
 
 
[[:Category:OWASP List|Mailing Lists]]
 
 
 
[[:Category:OWASP Chapter|Local Chapters]]
 
 
 
[[:Category:OWASP Conference|OWASP AppSec Conferences]]
 
 
 
==links==
 
 
 
[[af:Wikipedia:Ambassade]]
 
[[als:Wikipedia:Botschaft]]
 
  
 
__NOTOC__ __NOEDITSECTION__
 
__NOTOC__ __NOEDITSECTION__
 +
__INDEX__

Latest revision as of 13:51, 23 January 2020

OWASP™ Foundation
the free and open software security community


OWASP Donations Banner.jpg

Member Portal · About · Searching · Editing · New Article · OWASP Categories · Contact Us Statistics · Recent Changes

Every vibrant technology marketplace needs an unbiased source of information on best practices as well as an active body advocating open standards. In the Application Security space, one of those groups is the Open Web Application Security Project™ (or OWASP for short).

The Open Web Application Security Project (OWASP) is a 501(c)(3) worldwide not-for-profit charitable organization focused on improving the security of software. Our mission is to make software security visible, so that individuals and organizations are able to make informed decisions. OWASP is in a unique position to provide impartial, practical information about AppSec to individuals, corporations, universities, government agencies, and other organizations worldwide. Operating as a community of like-minded professionals, OWASP issues software tools and knowledge-based documentation on application security.

Everyone is free to participate in OWASP and all of our materials are available under a free and open software license. You'll find everything about OWASP here on or linked from our wiki and current information on our OWASP Blog. OWASP does not endorse or recommend commercial products or services, allowing our community to remain vendor neutral with the collective wisdom of the best minds in software security worldwide.

We ask that the community look out for inappropriate uses of the OWASP brand including use of our name, logos, project names, and other trademark issues.

There are thousands of active wiki users around the globe who review the changes to the site to help ensure quality. If you're new, you may want to check out our getting started page. As a global group of volunteers with over 45,000 participants, questions or comments should be sent to one of our many mailing lists focused on a topic or directed to the staff using the OWASP Contact Us Form.

Pick an OWASP Project - Find Your Local OWASP Chapter

Flagship Projects

Projects that have demonstrated strategic value to OWASP and application security as a whole

Tool Projects
Automatically finds security vulnerabilities in your web applications while you are developing and testing your applications
A collection of easy-to-use application security tools and documentation available in multiple formats
Pentesting tool to more efficiently find, verify and combine vulnerabilities in short timeframes
A utility that identifies project dependencies and checks if there are any known, publicly disclosed, vulnerabilities
A web and mobile application security training platform to foster and improve security awareness among a varied skill-set demographic
An open source vulnerability management tool that streamlines the testing process by offering templating, report generation, metrics, and baseline self-service tools
An intentionally insecure webapp for security trainings written entirely in JavaScript which encompasses the entire OWASP Top Ten and other severe security flaws
A tool that is used as a guide for building and verifying secure software that can also be used to train developers about application security
A Software Composition Analysis (SCA) platform that keeps track of all third-party components used in all the applications an organization creates or consumes. It monitors all applications in its portfolio in order to proactively identify vulnerabilities in components that are placing your applications at risk
Code Projects
A set of generic attack detection rules for use with ModSecurity or compatible web application firewalls which aims to protect web applications from a wide range of attacks
A library that implements a variant of the synchronizer token pattern to mitigate the risk of Cross-Site Request Forgery (CSRF) attacks
Documentation Projects
Provides a basis for testing web application technical security controls and also provides developers with a list of requirements for secure development
A conceptual framework and methodology that offers prescriptive guidance to implement intrusion detection and automated response into applications
An open framework to help organizations formulate and implement a strategy for software security that is tailored to the specific risks facing the organization
A powerful awareness document for web application security that represents a broad consensus about the most critical security risks to web applications
Includes a "best practice" penetration testing framework which users can implement in their own organizations and a "low level" penetration testing guide that describes techniques for testing most common web application and web service security issues
The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics. These cheat sheets were created by various application security professionals who have expertise in specific topics.
A security standard for mobile apps and a comprehensive testing guide that covers the processes, techniques, and tools used during a mobile app security test, as well as an exhaustive set of test cases that enables testers to deliver consistent and complete results.

Thank-you-word-cloud-1024x791.jpg

Thank you to our our corporate supporters that enable us to make software security visible, so that individuals and organizations worldwide can make informed decisions about true software security risks. A complete list of our current corporate and academic supporters can be found on our Acknowledgements Page





Hundreds of Hours of AppSec Videos



Stack-of-books.jpg

Citations

Who Trusts OWASP?
Citations of National & International Legislation, Standards, Guidelines, Committees and Industry Codes of Practice - Click Here
Book-cup2.png

OCoC

How can OWASP help your org?
Government Bodies
Educational Institutions
Standards Groups
Trade Organizations
Certifying Bodies
Development Organizations

Security101

Ask a software security question on our Slack channel - open to all, experts to beginners
Podium-icon.jpg

Upcoming Events

Security Conferences, Training
Global, Regional and Local - Click Here
ProjectIcon 1.png

Start a Project

How to Start an OWASP Project

New Project

How to update an existing project

Existing Project

My recent documents.gif

News

OWASP News

OWASP in the news: An excellent article on OWASP and the Internet of Things
OWASP newsletters report on events, projects, people, tools, updates Sign Up Here...

Social-networking.png

Social Media

Blog-icon-200.png

Blog

OWASP Blog
The OWASP blog has global announcements - Click Here
Podcast.png

Podcast

Security Podcast
Listen as interviews are conducted with OWASP volunteers, industry experts Click Here
Globe Icon House 1330502.jpg

Start a Chapter

OWASP Chapters

Start/Locate a Local Chapter

QuestionMark.png

Contact Us

Got Questions?
Please submit your questions, comments and requests and our staff will help Click Here




Retrieved from "https://wiki.owasp.org/index.php?title=Main_Page&oldid=256668"