We improve the security of apps with community-led open source projects, 260 local chapters, and tens of thousands of members worldwide. Famous for OWASP Top 10
It gives me great pleasure to announce the release of the OWASP Foundation API Security Top 10 - 2019 edition.
Thank you Inon Shkedy, Paulo Silva, and David Sopas for many MANY hours of work.
Download the full publication from here: lnkd.in/gM_dJQx
Women in Application Security come to @AppSecEU! We are offering unique talks and many opportunities to get together and share ideas and experiences. London is the place to be 2-6 July 2018! Join Us! @owasp
The OWASP Foundation will be holding #Virtual #AppSec Days on April 27-29th. Visit our website to see the variety of #trainings we are offering, and reserve your spot today! appsecdays.org/
The OWASP Smart Contract Top 10 (2025) is here!
Stay ahead of emerging threats in smart contract security! Whether you're a Web3 developer, auditor, or blockchain enthusiast, this updated list is your go-to resource for securing smart contracts!
Read the full list here: owasp.org/www-project-smart-…
Improve your #Appsec skills for a great price! Visit our website today to register or learn more about OWASP Virtual Appsec Days and the 11 online training courses being offered. ow.ly/D7cN50zac5o
Join Ben Sadeghipour @NahamSec for Introduction to Web Application Hacking & Bug Bounty on Nov. 8-10. Participants are given hands-on experience by learning each vulnerability category & completing a series of challenges. usa.globalappsec.org/trainin… #cybersecurity #bugbounty #appsec
We're elated to announce the release of the OWASP IoT Top 10 for 2018!!!
This release focuses on simplicity and usability, with a list that combines the top issues facing manufacturers, enterprises, and consumers.
owasp.org/index.php/OWASP_In… #iot #infosec
Ever wonder how to get started with "bug bounties"? Join us on March 15 for our free, live Lightning Conference to learn how! Hosted by OWASP presented by @stokfredrik STÖK lightning.owasp.org/schedule…
⭕In 48 HOURS ⭕ - BEGINNERS JOIN US! @Farah_Hawaa will be on @Owasp_DevSlop for an introduction to some authentication flows in OAuth 2.0 followed by a demo of some common bug types that can be found in them. 🔗bit.ly/_OAuth2 Sponsored by @AppSecEngineer 🤓
OWASP and @WeHackPurple are pleased to announce their partnership. OWASP members now have free access to We Hack Purple's AppSec Fundamentals course, valued at $495. Thank you so much to @shehackspurple & the We Hack Purple team!
owasp.org/executive/director…
**FREE TRAINING**
You can request a free non-transferable seat for this training only via email to outreach@owasp.org. Telling us briefly why you would like to join will increase your chances of getting one of the limited seats in this training! august.appsecdays.org/
The Application Security Verification Standard 4.0 was released at @nullcon! There are a huge number of improvements that make it the best ever @OWASP_ASVS! Get the new release here owasp.org/index.php/Category…
Interested in learning about Hacking API's? 🔓 Join #OWASP and featured speaker Katie Paxton-Fear as she presents Hacking API's for Beginners on May 12 at our live virtual Lightning Conference lightning.owasp.org/ 🐝 #hacking #api #appsec #security
Next on @Owasp_DevSlop, Vickie Li will go through the basics of how to review your code for vulnerabilities and some tactics for performing an effective security code review. Join us live for a chance to win a membership for @BugBountyHunt3r ! 🔗meetup.com/OWASP-DevSlop-Pro…
Nuclei (@pdnuclei) is a community-powered scanner that can scan for almost every web-based vulnerability. How does it work and how can you tailor it to your needs? Join this session with @PinkDraconian to find out.
RSVP🔗:meetup.com/OWASP-DevSlop-Pro…
Sponsor✨ @datadoghq
Great Training is what you will get @AppSecEU! Here is just one of the training workshops being offered: Attacking & Defending SOAP and REST-Based Web Services by Juraj Somorovsky! @OWASP - we are all about training!
#DiversityProud It's unacceptable that only 11% of cybersecurity pros are women or minorities. We are working to change that with nearly $35,000 in diversity grants for new faces to attend OWASP Global AppSec Amsterdam ams.globalappsec.org and DC dc.globalappsec.org…
Giving back to the AppSec community during a #pandemic is how we roll. Virtual AppSec Days $FREE conference and two days of discounted online training appsecdays.org #giveback
Interested in learning how to turn your bugbounty hobby into a career? Join us for our free, live Lightning Conference that will teach you how! Hosted by OWASP presented by @stokfredrik STÖK lightning.owasp.org/schedule…
Great news! We just launched our first report for the OWASP Serverless Top 10 project. Thank everyone who participated in the project and made it possible with special thanks to our project sponsor, @ProtegoLabs.
Get the report and join us: ow.ly/fuiW30mxVTg
Welcome the 2022 OWASP Global Board of Directors
Vandana Verma - Chair
Grant Ongers - Vice Chair
Glenn ten Cate - Treasurer
Avi Douglen - Secretary
Bil Corry - Member at Large
Joubin Jabbari - Member at Large
Martin Knobloch - Member at Large
owasp.org/www-board/
OWASP would like to announce a new release for the Flagship project DefectDojo. The latest release is 1.6.0 and comes with numerous new features, bug fixes and improvements, including importing from 77 different security tools. More info at github.com/DefectDojo/django…
NEXT WEEK on @Owasp_DevSlop: @Farah_Hawaa!🎊
Farah is joining the show for an introduction to some authentication flows in OAuth 2.0 followed by a demo of a few common bug types that can be found in them! 🔗bit.ly/_OAuth2
Episode sponsored by @AppSecEngineer
.@manicode's highly intensive and interactive #AppSecDays workshop provides essential application security training for web application and API developers. Reserve your spot today. appsecdays.org/trainings/#sk…
Bring your application #security #program from zero to hero with this 1/2 day course taught by @shehackspurple. Participants will learn: planning, scaling, and measuring your AppSec program. Learn more about this course and register today ow.ly/nWEr50zb9cy #AppSecDays
New Year, new events! Join our global community for our first Lightning Conference on March 15th and understand how to make a career out of Bug Bounties! Featured speaker STÖK will guide you on tools, skills, and avoiding pitfalls. Register today!
ow.ly/VwKE50DrxOY
20 years ago today, the OWASP Foundation was formed as a non-profit organization. Here's to the next two decades of cybersecurity, and beyond!
Your donations help make our mission possible: owasp.org/donate/
🌟 Thank you to everyone who contributed to making our 20th Anniversary event a huge success! We look forward to continuing working with you and "Securing the Next 20 Years". #owasp
The #OWASP Chapters are hosting Virtual Chapters All Day on 06th of June, 2020.
Subscribe to the channel where all the talks will be live streamed by the chapters bit.ly/OWASPChaptersAllDay
24 Hours, 24 Chapters and 48 Talks
Stay Tuned for more updates. @owasp #ChaptersAllDay
Today's session "Finding Security Vulnerabilities through Code Review - The OWASP way" by @mgreiler starts in 50 minutes.
Join us Live on the @Owasp_DevSlop Show.
🎫 piped.video/kpf3UkMc5Y4
Don’t forget to join us and @PentesterLab CEO, Louis Nyffenegger, for a no-holds-barred look at JWTs and how they can be exploited to bypass your authentication systems.
@Owasp_DevSlop RSVP🔗: bit.ly/snyff_
Episode sponsor✨: @datadoghq
OWASP is teaming up with @InfoSecMap to make cybersecurity events & resources more accessible, inclusive, and global - including OWASP Chapters & Events!
No marketing, pay-to-play nonsense - just human curated community & events.
Explore the brand new OWASP hub now: InfoSecMap.com/owasp
. @Owasp_DevSlop could not be more excited about the next episode! @Njuchi_ will join our hosts to discuss Kubernetes Security. Save your spot and join us LIVE for a live stream with a few surprises🔗bit.ly/njuchi_ Episode sponsor @datadoghq
Did someone say "Day Passes?" Yes, someone did. Save over 50% off at OWASP Global AppSec DC when you take a single day pass compared to the Full Conference price. dc.globalappsec.org
Following recent developments relating to COVID-19, the OWASP Foundation has made the difficult decision to postpone the Global AppSec Dublin Conference to February 15-19, 2021. owasp.org/events/2020/03/12/…
Almost exactly 1 year after her first speaking opportunity on @Owasp_DevSlop, @InsiderPhD will join us again to talk to us about one of her favourite bugs, IDORs (A4)! Thank you @PentesterLab for sponsoring the show!
📅Save the date: evt.to/ogmeadiw
In this show, we’ll talk to Louis Nyffenegger (@snyff) about attacking JWT implementation flaws, to help you assess and build secure JWT implementations.
🔗bit.ly/snyff_
Episode sponsor✨: Datadog
Are you looking for a paid internship that will allow you to dive deeply into a coding problem with a mentor? Join OWASP as we partner with Google for the Google Summer of Code. Applications close 3/26
owasp.org/index.php/GSoC
We're proud to announce that the OWASP Global YouTube channel is now at over 12,500 subscribers!
Use this link to subscribe yourself or share around:
piped.video/user/OWASPGLOBAL…
DevOps for CISO is an online course being offered for a better understanding in: Agile and DevOps basics, , deployment, and operations, Agile threat modeling, Patch management in DevOps environments and much more. Join @Dave_von_S and register today. ow.ly/JeOS50zbaBG
No joke, we did have a data breach in late March involving the resumes of our earliest members. Rest assured, all current membership data remains secure. We recognize the unfortunate irony here, and are determined to make it our last breach.
Details here: owasp.org/blog/2024/03/29/OW…
Celebrate with OWASP at our 20th Anniversary Event! For 24 hours beginning at 3am ET we will be running 4 tracks with 5 keynote speakers, guest speakers and sponsors. Don't miss the opportunity to register for FREE! 20thanniversary.owasp.org/
800+ RSVPs 🔴Join us in 1 hour with our guest, @PentesterLab CEO, Louis (@snyff) who will be walking through attacking JWTs with us, so you can build better authentication.
@Owasp_DevSlop Twitch🔗: bit.ly/snyfff
Episode sponsor: @datadoghq
OWASP is community, the community is OWASP! Can’t wait until we gather together again to learn from talks, to share from experiences and to have some Fun!!
We are closing in on a record 4500 OWASP members! We'd really like to hit 5,000. To help us get there, the 4500th member will receive an OWASP 20th Anniversary Shirt or Hoodie and an OWASP membership pin - if it happens today. Please join!
owasp.org/membership/
🔴 1 HOUR before @Owasp_DevSlop with @urlichsanais! Join us for a discussion about #Kubernetes, how it changes our processes around deploying software, its benefits, and how to get started. We're also giving away a @kodekloud1 subscription. YouTube: piped.video/1nUoIFSon50
GET EXCITED! Only 1 HOUR before @vickieli7 goes through the basics of how to review your code for vulnerabilities on @Owasp_DevSlop. Let's hunt some bugs in source code and get a chance to win a subscription to @BugBountyHunt3r and more ! 🔗piped.video/A8CNysN-lOM
After serving as its steward for over a decade, @Trustwave has agreed to transfer the reins of the renowned open-source web application firewall (WAF) engine, ModSecurity, to the Open Worldwide Application Security Project (OWASP). Read more at owasp.org/blog/2024/01/09/Mo…
Check out this line-up of speakers! Hear them talk at the #OWASP 20th Anniversary event beginning at 3am EDT on Friday, Sept. 24 as we celebrate our past 20 years and look forward to "Securing the Next 20 Years". owasp20thanniversaryevent20.…
We are really close to a record 4000 members! Take advantage of our two year membership drive to help @owasp do our mission, as well as access great membership benefits, including member discounts at all our paid events! Membership can pay itself off :)
owasp.org/membership/
OWASP LATAM Tour 2018 México was a great success, and both the slides and the recordings of the talks are now officially available on the new OWASP LATAM YouTube channel
piped.video/channel/UCEXEarS…
Don't miss part 2 of How to Analyze Code for Vulnerabilities on @Owasp_DevSlop! @tuxology & @vickieli7 will demonstrate how to use open-sourced code analysis tool Joern to make code analysis more efficient!
RSVP: bit.ly/3CrmZuv
Sponsor: @ShiftLeftInc
Many #developers assume that the libraries have done things right, but that trust is too often misplaced. There are cases where even if you as a developer have done everything right in your code, the application is still vulnerable to #SQL injection.
dev.to/owasp/sql-injection-i…
Image description: American Chopper argument meme with the caption: "Your app is vulnerable to SQL injection." "I used a library." "The library was vulnerable." "It was a SQL library!" "You're responsible for your own dependencies"