What is Open Web Application Security Project (OWASP)?
The Open Web Application Security Project (OWASP) is a 501 (c) (3) non-profit organization founded in 2001 with the aim of improving the security of software applications and products. A joint project, OWASP, includes different types of initiatives such as incubator projects, laboratory projects and showcase projects to further develop the software process.
OWASP represents one of several vanguard groups that work with government agencies and other parties to improve digital technology standards for business and public use. As an open source or crowdsourcing model, OWASP offers a number of community projects designed to help others use technology more safely and effectively.
Some projects under the auspices of this group include a Software Assurance Maturity Model (SAMM) and development and testing guides that provide best practices for the tech industry. OWASP has also developed a code review guide, which is used by IT professionals to investigate source code problems and a standard for reviewing application code.
Another type of project development that OWASP carries out involves learning projects. For example, the group's “WebGoat” project consists of deliberately insecure tech structures that serve as a kind of training ground for IT people to conduct trial-and-error research on how technologies can be made safer.