Template:OWASP News


 * Jan 16 - OWASP Newsletter 2
 * 2nd OWASP newsletter with: OWASP News, Featured Projects, Featured Stories, Latest Blog Entries, Latest additions to the WIKI, OWASP Community, Application Security News and OWASP references in the Media.


 * Jan 7 - OWASP Newsletter 1
 * First OWASP newsletter with information about what is going on in the OWASP world


 * Jan 2 - The Best Security Books Reference OWASP
 * There are over 50 security books that reference OWASP. Many of the authors are contributing to OWASP, speaking at our conferences, and participating in our chapters. Some of the books just recommend OWASP, but many are structured around OWASP, and others have whole chapters dedicated to our tools.


 * Dec 10 - SANS and OWASP Partner to Add #1 Web Application Security to SANS Top 20
 * The SANS document is widely used, and we're extremely pleased that we could work with them to recognize the risks associated with web applications. From the document... "Every week hundreds of vulnerabilities are being reported in these web applications, and are being actively exploited. The number of attempted attacks every day for some of the large web hosting farms range from hundreds of thousands to even millions. All web frameworks (PHP, .NET, J2EE, Ruby on Rails, ColdFusion, Perl, etc) and all types of web applications are at risk from web application security defects, ranging from insufficient validation through to application logic errors."


 * Nov 28 - JBroFuzz 0.3 Released
 * This version adds a more stable core, length updating for fuzzed POST requests and allows you to specify your own fuzz vectors in a separate file.


 * Nov 26 - OWASP Report Generator 0.88 Released
 * A tool for security consultants that supports the documentation and reporting of security vulnerabilities discovered during security.


 * Nov 26 - OWASP Site Generator v.70 Released
 * A tool that allows the creating of dynamic websites based on XML files and predefined vulnerabilities (some simple, some complex) for testing application security tools.


 * Older news...