Category:OWASP Guide Project

Guide Table of Contents

Overview
The OWASP Guide to Building Secure Web Applications v2 is now released. Its release was announced at Black Hat in Las Vegas in late July 2005. This new version of the OWASP Guide is a major overhaul of the original document, containing nearly three times as much material. The project is currently steered by Andrew van der Stock.

The original OWASP Guide had become a staple diet for many web security professionals. Since 2002, the initial version was downloaded over 2 million times. Today, the Guide is referenced by many leading government, financial, and corporate standards and is the Gold standard for web application security.

The Guide is aimed at architects, developers, consultants and auditors and is a comprehensive manual for designing, developing and deploying secure web applications.

Volunteers Needed
Much work remains to be done in these sections:
 * Distributed Computing
 * Deployment

OWASP Guide 2.0 Downloads
If you need a stable edition of the Guide, you should use one of these editions:

OWASP Guide 2.0.1 (English)
 * PDF (3 MB)
 * Word (zip file, 1.4 MB)

OWASP Guide 1.1.1 (Japanese, にほんご)
 * PDF (1.4 MB)

Earlier versions of the Guide (1.0 and 1.1.1) can be found at our file download center, and in CVS.

OWASP Guide 3.0 (Current)
If you'd like a point in time version of the Guide 3.0 in PDF format:
 * Guide 3.0 draft as of March 2006

This file is regenerated from time to time.

OWASP Guide 3.0
This is the working (current) draft of the OWASP Guide 3.0. Please login to make changes as you see fit. Changes will be vetted by the OWASP Guide Project team.

OWASP Guide 3.0 Table of Contents

OWASP Guide 3.0 (Japanese)
This will hold the working (current) draft of the translation of the OWASP Guide 3.0 to Japanese.

Roadmap
OWASP Guide Project Roadmap

Mailing List
Subscribe to the mailing list go at http://lists.owasp.org/mailman/listinfo/owasp-guide