Template:OWASP News

Jul 31 - Fortify donates vulnerability research to OWASP

OWASP is pleased to announce the immediate free and open availability of an extensive classification of software security vulnerabilities created and donated by Fortify Security Inc. The full set of vulnerabilities and the research that accompanies it is available in the OWASP Honeycomb Project.


 * Jul 11 - Two part interview on Ajax with OWASP's Andrew van der Stock
 * In this two part interview, Andrew discusses the key security threats facing Ajax applications and practical advice for securing them. "I expect more Ajax vulnerabilities and exploits to surface, and I expect researchers to come up with additional "new" flaws that need to be protected against."


 * '''Jun 29 - OWASP .NET project now at www.owasp.org
 * Coming full circle, the OWASP .NET Project (lead by Dinis Cruz) is now hosted here at the www.owasp.org website. The objective is to consolidate all OWASP projects in one location, and to benefit from cross-project linkage. All information that was hosted at the previous www.owasp.net wiki has now been ported and in the comming weeks, more will be added.


 * Jun 26 - OWASP PHP Top 5 Released
 * OWASP is pleased to announce the immediate availability of OWASP PHP Top 5. The OWASP Top 5 is an education piece which provides up to date advice to PHP developers, hosters, and other PHP users. The Top 5 is produced by the OWASP PHP Project.


 * Jun 23 - New version of WebScarab released
 * The new version has a new logo, several new features, and some bugfixes. There are better capabilities for authentication and certificates, dropping conversations, and searching results. There are plugin enhancements to the spider, session id analyzer, and fuzzer. There's also a new extension for forced browsing to obvious extensions.


 * Older news...