addressalign-toparrow-leftarrow-rightbackbellblockcalendarcameraccwcheckchevron-downchevron-leftchevron-rightchevron-small-downchevron-small-leftchevron-small-rightchevron-small-upchevron-upcircle-with-checkcircle-with-crosscircle-with-pluscrossdots-three-verticaleditemptyheartexporteye-with-lineeyefacebookfolderfullheartglobegmailgooglegroupsimageimagesinstagramlinklocation-pinm-swarmSearchmailmessagesminusmoremuplabelShape 3 + Rectangle 1outlookpersonJoin Group on CardStartprice-ribbonImported LayersImported LayersImported Layersshieldstartickettrashtriangle-downtriangle-uptwitteruseryahoo

Every vibrant technology marketplace needs an unbiased source of information on best practices as well as an active body advocating open standards. In the Application Security space, one of those groups is the Open Web Application Security Project (or OWASP for short).

OWASP operates as a non-profit and is not affiliated with any technology company, which means it is in a unique position to provide impartial, practical information about AppSec to individuals, corporations, universities, government agencies and other organizations worldwide. Operating as a community of like-minded professionals, OWASP issues software tools and knowledge-based documentation on application security. All of its articles, methodologies and technologies are made available free of charge to the public. OWASP maintains roughly 250 local chapters in 110 countries and counts thousands of members.

OWASP was started in 2001 and has operated since 2004 as the 501(c)(3) charitable OWASP Foundation which supports its infrastructure and projects. Its leadership is completely volunteer and makes decisions about technical direction, project priorities, schedule, and releases. OWASP has less than (10) employees to keep its operating costs low. OWASP collects corporate and individual membership dues and conference fees to award grants each year to promising AppSec research projects.

OWASP projects fall into two basic categories: development projects and documentation projects. Some of the foundation's more influential work includes:

The book-length OWASP Guide, The OWASP Code Review Project and the widely adopted OWASP Top 10which tracks the top software security vulnerabilities To advance routine testing of web applications, OWASP developed  WebScarab, an open source enterprise-level security scanning tool 

Secure development training is a large part of OWASP’s mission – so it created and maintains and deliberately insecure application called WebGoat solely as a teaching tool 

OWASP became an emerging standards body with the publication of its first open standard in 2008, the OWASP Application Security Verification Standard (ASVS). The ASVS Project aims to create a set of commercial standards for performing rigorous application-level security verification on a number of web-based technologies.Other OWASP projects are involved with advancing specific programming languages, functions and applications

OWASP hosts a number of global, regional and local events under the AppSec Conference banner. This important organization would tell any information security professional that the best way to understand the community’s mission is to become involved

@brennantom chapter leader.

Join us and be the first to know when new Meetups are scheduled
Log in with Facebook to find out
By creating a Meetup account, you agree to the Terms of Service

Click Pages for information on speaking, sponsoring and more!

Recent Meetups

What's new


Our Sponsors

Sign up

Meetup members, Log in

By clicking "Sign up" or "Sign up using Facebook", you confirm that you accept our Terms of Service & Privacy Policy