Press

About OWASP
The Open Web Application Security Project (OWASP) is a worldwide free and open community focused on improving the security of application software. There are over 70 OWASP Local Chapters world-wide that are free and open to anyone to attend. OWASP tools and documents can be used to detect and to guard against security-related design and implementation flaws, as well as to add security-related activities into YOUR Software Development Life Cycle (SDLC). For more information please visit http://www.owasp.org or view a powerpoint overview of OWASP - Click Here

For additional detail about OWASP, leadership, and corporate details, please refer to the About OWASP page.

Featured projects include:


 * OWASP Top 10 (The OWASP Top Ten provides a powerful awareness document for web application security. The OWASP Top Ten represents a broad consensus about what the most critical web application security flaws are) http://www.owasp.org/index.php/Category:OWASP_Top_Ten_Project


 * OWASP WebGoat (WebGoat is a deliberately insecure J2EE web application maintained by OWASP designed to teach web application security lessons. In each lesson, users must demonstrate their understanding of a security issue by exploiting a real vulnerability in the WebGoat application http://www.owasp.org/index.php/Category:OWASP_WebGoat_Project


 * OWASP ESAPI (FOSS (Free and open source software) Security Library for Java, PHP, .NET, ASP and Haskell) http://www.owasp.org/index.php/Category:OWASP_Enterprise_Security_API


 * OWASP Live CD! Collection of OWASP tools on a CD that you can boot from any computer! http://www.owasp.org/index.php/Category:OWASP_Live_CD_Project


 * OWASP Application Security Verification Standard http://www.owasp.org/index.php/Category:OWASP_Application_Security_Verification_Standard_Project


 * OWASP Code Review Guide http://www.owasp.org/index.php/Category:OWASP_Code_Review_Project


 * OWASP Developers Guide http://www.owasp.org/index.php/Category:OWASP_Guide_Project


 * OWASP.NET Project http://www.owasp.org/index.php/Category:OWASP_.NET_Project


 * OWASP Legal Project (Secure Software Contracts for Developers/Clients) http://www.owasp.org/index.php/Category:OWASP_Legal_Project


 * OWASP SAMM (Software Assurance Maturity Model)http://www.owasp.org/index.php/Category:OWASP_Software_Assurance_Maturity_Model_Project


 * OWASP Testing Guide ("best practice" penetration testing framework) http://www.owasp.org/index.php/Category:OWASP_Testing_Project

Press Inquiries
For any enquiries about OWASP, OWASP Projects, or for interviews and/or backgrounds, please contact the OWASP

Press Releases
OWASP Top 10 2010 Press Releases


 * OWASP Top 10 for 2010 Released (English), (Spanish), (French), (Greek), (Chinese), (Thai)

OWASP ASVS Press Releases


 * Coming soon!

OWASP Common Numbering Press Releases


 * Coming soon!

OWASP Development Guide Press Releases


 * OWASP Development Guide Project begins work on next Guide version

OWASP ESAPI Press Releases


 * Coming soon!

OWASP Legal Press Releases


 * Coming soon!

Upcoming OWASP Events
For more information on OWASP events, please see The OWASP Conference page

OWASP News
For coverage of what is currently going on within OWASP, see the OWASP blog - Click Here

For the regular OWASP Newsletter - Click Here