The Open Web Application Security Project (OWASP) is a worldwide free and open community focused on improving the security of application software. There are over 70 OWASP Local Chapters world-wide that are free and open to anyone to attend. OWASP tools and documents can be used to detect and to guard against security-related design and implementation flaws, as well as to add security-related activities into your Software Development Life Cycle (SDLC).
For additional detail about OWASP, leadership, and corporate details, please refer to the About OWASP page.
Featured projects include:
- OWASP Top 10 (The OWASP Top Ten provides a powerful awareness document for web application security. The OWASP Top Ten represents a broad consensus about what the most critical web application security flaws are) http://www.owasp.org/index.php/Category:OWASP_Top_Ten_Project
- OWASP WebGoat (WebGoat is a deliberately insecure J2EE web application maintained by OWASP designed to teach web application security lessons. In each lesson, users must demonstrate their understanding of a security issue by exploiting a real vulnerability in the WebGoat application http://www.owasp.org/index.php/Category:OWASP_WebGoat_Project
- OWASP Live CD! Collection of OWASP tools on a CD that you can boot from any computer! http://www.owasp.org/index.php/Category:OWASP_Live_CD_Project
- OWASP Application Security Verification Standard http://www.owasp.org/index.php/Category:OWASP_Application_Security_Verification_Standard_Project
- OWASP Code Review Guide http://www.owasp.org/index.php/Category:OWASP_Code_Review_Project
- OWASP Developers Guide http://www.owasp.org/index.php/Category:OWASP_Guide_Project
- OWASP SAMM (Software Assurance Maturity Model)http://www.owasp.org/index.php/Category:OWASP_Software_Assurance_Maturity_Model_Project
- OWASP Testing Guide ("best practice" penetration testing framework) http://www.owasp.org/index.php/Category:OWASP_Testing_Project
- August 15: OWASP AppSec USA 2014 Adds Leading Global Experts to List of Speakers - http://owasp.blogspot.com/2014/08/owasp-appsec-usa-2014-adds-leading.html?spref=tw
- August 13: Call for Speakers: OWASP Ghana Cybersecurity Conference - http://owasp.blogspot.com/2014/08/call-for-speakers-owasp-ghana.html
- August 13: THIS Friday is the DEADLINE to SUMBIT your Candidacy for the 2014 OWASP BOARD of DIRECTORS - http://owasp.blogspot.com/2014/08/this-friday-is-deadline-to-submit-your.html
- July 31: Videos from AppSec Europe 2014 - http://owasp.blogspot.com/2014/07/at-last-appsec-europe-owasp-media.html
For any inquiries about OWASP, OWASP Projects, or for interviews and/or backgrounds, please utilize our CONTACT FORM so we can track and route your request.
- March 12, 2012: AppSec DC Press Release: [http://owasp.blogspot.com/2012/03/appsecdc-2012.html]
- March 9, 2012: OWASP Mission and Principles: [http://owasp.blogspot.com/2012/03/owasp-mission-and-principles.html]
AppSec Israel: September 2
AppSec Israel will include 2 lecture tracks, and a sponsors display area for vendors of products and services relevant to Application Security. The annual OWASP AppSec Israel 2014 conference will be held at the Interdisciplinary Center in Herzliya (IDC) on Sepetember 2nd, 2014, in the Efi Arazi school of Computer Science. More information on AppSec Israel can be found here: https://www.owasp.org/index.php/AppSec_Israel_2014
Attending the conference is free of charge, however advance registration is required. Please register here.
AppSec USA 2014: September 16-19
AppSec USA is a world-class software security conference for developers, auditors, risk managers, technologists, and entrepreneurs gathering with the world’s top practitioners to share the latest research and practices, in the high energy atmosphere of Downtown Denver.
Why should you attend? Insightful keynote addresses delivered by leading industry visionaries from thought leaders of critical infrastructure. Over 50 sessions across 5 tracks (developer, tester, operations, workshops, and legal) with world-renowned subject matter experts An all-new Legal Track to address industry regulations, privacy laws, liability, and more A hands-all Workshop Track providing instruction on essential security tools and skills Thousands of attendees exclusively focused on Software Security Extensive Capture the Flag competition developed exclusively for AppSec USA 2014 Home-brewed beer competition open to all attendees Convenience of Downtown Denver.
Registration can be found on the official conference website here: http://2014.appsecusa.org/2014/
For more information on OWASP events, please see The OWASP Conference page