Press

=About OWASP= The Open Web Application Security Project (OWASP) is a worldwide free and open community focused on improving the security of application software. There are over 70 OWASP Local Chapters world-wide that are free and open to anyone to attend. OWASP tools and documents can be used to detect and to guard against security-related design and implementation flaws, as well as to add security-related activities into your Software Development Life Cycle (SDLC).

For additional detail about OWASP, leadership, and corporate details, please refer to the About OWASP page.

Featured projects include:


 * OWASP Top 10 (The OWASP Top Ten provides a powerful awareness document for web application security. The OWASP Top Ten represents a broad consensus about what the most critical web application security flaws are) http://www.owasp.org/index.php/Category:OWASP_Top_Ten_Project


 * OWASP WebGoat (WebGoat is a deliberately insecure J2EE web application maintained by OWASP designed to teach web application security lessons. In each lesson, users must demonstrate their understanding of a security issue by exploiting a real vulnerability in the WebGoat application http://www.owasp.org/index.php/Category:OWASP_WebGoat_Project


 * OWASP ESAPI (FOSS (Free and open source software) Security Library for Java, PHP, .NET, ASP and Haskell) http://www.owasp.org/index.php/Category:OWASP_Enterprise_Security_API


 * OWASP Live CD! Collection of OWASP tools on a CD that you can boot from any computer! http://www.owasp.org/index.php/Category:OWASP_Live_CD_Project


 * OWASP Application Security Verification Standard http://www.owasp.org/index.php/Category:OWASP_Application_Security_Verification_Standard_Project


 * OWASP Code Review Guide http://www.owasp.org/index.php/Category:OWASP_Code_Review_Project


 * OWASP Developers Guide http://www.owasp.org/index.php/Category:OWASP_Guide_Project


 * OWASP.NET Project http://www.owasp.org/index.php/Category:OWASP_.NET_Project


 * OWASP Legal Project (Secure Software Contracts for Developers/Clients) http://www.owasp.org/index.php/Category:OWASP_Legal_Project


 * OWASP SAMM (Software Assurance Maturity Model)http://www.owasp.org/index.php/Category:OWASP_Software_Assurance_Maturity_Model_Project


 * OWASP Testing Guide ("best practice" penetration testing framework) http://www.owasp.org/index.php/Category:OWASP_Testing_Project

= Press Inquiries =

For any inquiries about OWASP, OWASP Projects, or for interviews and/or backgrounds, please utilize our CONTACT FORM so we can track and route your request.

= Press Releases =

OWASP Top 10 2010 Press Releases


 * OWASP Top 10 for 2010 Released (English), (Spanish), (French), (Greek), (Chinese), (Thai)

OWASP ASVS Press Releases


 * Coming soon!

OWASP Common Numbering Press Releases


 * Coming soon!

OWASP Development Guide Press Releases


 * OWASP Development Guide Project begins work on next Guide version

OWASP ESAPI Press Releases


 * Coming soon!

OWASP Legal Press Releases


 * Coming soon!

= Upcoming OWASP Events =

For more information on OWASP events, please see The OWASP Conference page

= OWASP News =

For coverage of what is currently going on within OWASP, see the OWASP blog - Click Here

For the regular OWASP Newsletter - Click Here