Share to: share facebook share twitter share wa share telegram print page

OWASP

OWASP
Founded2001[1]
FoundersMark Curphey[1]
Type501(c)(3) nonprofit organization
PurposeWeb security, application security, vulnerability assessment
MethodIndustry standards, conferences, workshops
Membershipapprox. 13,000 volunteers (2017)[4]
Key people
Andrew van der Stock, Executive Director; Kelly Santalucia, Director of Events and Corporate Support; Harold Blankenship, Director of Technology and Projects; Jason C. McDonald, Director of Community Development; Dawn Aitken, Operations Manager; Lauren Thomas, Event Coordinator[2]
RevenueDecrease $2.3 million (2017)[3]
Websiteowasp.org

OWASP, the Open Worldwide Application Security Project (formerly Open Web Application Security Project), is an online community that publishes open-source information and resources on IoT, system software and web application security.[5] It is led by a non-profit called The OWASP Foundation.

History

Mark Curphey started OWASP on September 9, 2001.[1] Jeff Williams served as the volunteer Chair of OWASP from late 2003 until September 2011. As of 2015, Matt Konda chaired the Board.[6] The OWASP Foundation, a 501(c)(3) non-profit organization in the US established in 2004, supports the OWASP infrastructure and projects. Since 2011, OWASP is also registered as a non-profit organization in Belgium under the name of OWASP Europe VZW.[7] In February 2023, it was reported by Bil Corry, a OWASP Foundation Global Board of Directors officer,[8] on Twitter that the board had voted for renaming from the Open Web Application Security Project to its current name, replacing Web with Worldwide.[9]

Resources

Tools

  • OWASP ZAP: a penetration testing tool.
  • Webgoat: a deliberately insecure web application created by OWASP as a guide for secure programming practices.[1]

Publications

Models and standards

  • OWASP Software Assurance Maturity Model[19]
  • OWASP Application Security Verification Standard (ASVS): A standard for performing application-level security verifications.[20]

Other projects

  • OWASP XML Security Gateway (XSG) Evaluation Criteria Project.[21]
  • OWASP AppSec Pipeline[22]
  • OWASP Automated Threats to Web Applications[23][24]
  • OWASP API Security Project[25]
  • OWASP AI Maturity Assessment Project (AIMA)[26]

Certifications

They also several certification schemes.[27][28][29]

Awards

The OWASP organization received the 2014 Haymarket Media Group SC Magazine Editor's Choice award.[30][31]

See also

References

  1. ^ a b c d Huseby, Sverre (2004). Innocent Code: A Security Wake-Up Call for Web Programmers. Wiley. p. 203. ISBN 0470857447.
  2. ^ "OWASP Foundation Staff". OWASP. February 12, 2023. Retrieved May 3, 2022.
  3. ^ "OWASP FOUNDATION INC". Nonprofit Explorer. ProPublica. May 9, 2013. Retrieved January 8, 2020.
  4. ^ "OWASP Foundation's Form 990 for fiscal year ending Dec. 2017". October 26, 2018. Retrieved January 8, 2020 – via ProPublica Nonprofit Explorer.
  5. ^ "OWASP Internet of Things". Retrieved December 26, 2023.
  6. ^ "Board". OWASP. Archived from the original on September 16, 2017. Retrieved February 27, 2015.
  7. ^ "OWASP Europe". OWASP. Archived from the original on April 17, 2016. Retrieved July 7, 2024.
  8. ^ "Global Board". owasp.org. Archived from the original on April 29, 2024. Retrieved July 7, 2024.
  9. ^ Corry, Bil [@bilcorry] (February 25, 2023). "A change you might notice about @owasp , the Board voted to change the "W" from "Web" to "Worldwide", making it the "Open Worldwide Application Security Project"" (Tweet). Retrieved July 7, 2024 – via Twitter.
  10. ^ "OWASP Top Ten". owasp.org. Archived from the original on July 6, 2024. Retrieved July 7, 2024.
  11. ^ Trevathan, Matt (October 1, 2015). "Seven Best Practices for Internet of Things". Database and Network Journal. Archived from the original on November 28, 2015.
  12. ^ Crosman, Penny (July 24, 2015). "Leaky Bank Websites Let Clickjacking, Other Threats Seep In". American Banker. Archived from the original on November 28, 2015.
  13. ^ Pauli, Darren (December 4, 2015). "Infosec bods rate app languages; find Java 'king', put PHP in bin". The Register. Retrieved December 4, 2015.
  14. ^ "OWASP top 10 vulnerabilities". developerWorks. IBM. April 20, 2015. Retrieved November 28, 2015.
  15. ^ "Payment Card Industry (PCI) Data Security Standard" (PDF). PCI Security Standards Council. November 2013. p. 55. Retrieved December 3, 2015.
  16. ^ "Open Web Application Security Project Top 10 (OWASP Top 10)". Knowledge Database. Synopsys. Synopsys, Inc. 2017. Retrieved July 20, 2017. Many entities including the PCI Security Standards Council, National Institute of Standards and Technology (NIST), and the Federal Trade Commission (FTC) regularly reference the OWASP Top 10 as an integral guide for mitigating Web application vulnerabilities and meeting compliance initiatives.
  17. ^ "Authorization remains #1 issue – OWASP 2023 Top 10 List". Cerbos. Retrieved September 2, 2024.
  18. ^ "OWASP Incident Response Project – OWASP". Archived from the original on April 6, 2019. Retrieved December 12, 2015.
  19. ^ "What is OWASP SAMM?". OWASP SAMM. Retrieved November 6, 2022.
  20. ^ Baar, Hans; Smulters, Andre; Hintzbergen, Juls; Hintzbergen, Kees (2015). Foundations of Information Security Based on ISO27001 and ISO27002 (3 ed.). Van Haren. p. 144. ISBN 9789401800129.
  21. ^ "Category:OWASP XML Security Gateway Evaluation Criteria Project Latest". Owasp.org. Archived from the original on November 3, 2014. Retrieved November 3, 2014.
  22. ^ "OWASP AppSec Pipeline". Open Web Application Security Project (OWASP). Archived from the original on January 18, 2020. Retrieved February 26, 2017.
  23. ^ "AUTOMATED THREATS to Web applications" (PDF). OWASP. July 2015.
  24. ^ "OWASP Automated Threats to Web Applications". owasp.org. Archived from the original on June 29, 2024. Retrieved July 7, 2024.
  25. ^ "OWASP API Security Project – OWASP Foundation". OWASP.
  26. ^ "OWASP AI Maturity Assessment Project – OWASP Foundation". OWASP.
  27. ^ "qa.com | Certified OWASP Security Fundamentals (QAOWASPF)". www.qa.com. Retrieved October 25, 2024.
  28. ^ "A01 Broken Access Control – OWASP Top 10:2021". owasp.org. Retrieved October 25, 2024.
  29. ^ "A02 Cryptographic Failures – OWASP Top 10:2021". owasp.org. Retrieved October 25, 2024.
  30. ^ "SC Magazine Awards 2014" (PDF). Media.scmagazine.com. Archived from the original (PDF) on September 22, 2014. Retrieved November 3, 2014.
  31. ^ "Winners | SC Magazine Awards". Awards.scmagazine.com. Archived from the original on August 20, 2014. Retrieved July 17, 2014. Editor's Choice [...] Winner: OWASP Foundation
Index: pl ar de en es fr it arz nl ja pt ceb sv uk vi war zh ru af ast az bg zh-min-nan bn be ca cs cy da et el eo eu fa gl ko hi hr id he ka la lv lt hu mk ms min no nn ce uz kk ro simple sk sl sr sh fi ta tt th tg azb tr ur zh-yue hy my ace als am an hyw ban bjn map-bms ba be-tarask bcl bpy bar bs br cv nv eml hif fo fy ga gd gu hak ha hsb io ig ilo ia ie os is jv kn ht ku ckb ky mrj lb lij li lmo mai mg ml zh-classical mr xmf mzn cdo mn nap new ne frr oc mhr or as pa pnb ps pms nds crh qu sa sah sco sq scn si sd szl su sw tl shn te bug vec vo wa wuu yi yo diq bat-smg zu lad kbd ang smn ab roa-rup frp arc gn av ay bh bi bo bxr cbk-zam co za dag ary se pdc dv dsb myv ext fur gv gag inh ki glk gan guw xal haw rw kbp pam csb kw km kv koi kg gom ks gcr lo lbe ltg lez nia ln jbo lg mt mi tw mwl mdf mnw nqo fj nah na nds-nl nrm nov om pi pag pap pfl pcd krc kaa ksh rm rue sm sat sc trv stq nso sn cu so srn kab roa-tara tet tpi to chr tum tk tyv udm ug vep fiu-vro vls wo xh zea ty ak bm ch ny ee ff got iu ik kl mad cr pih ami pwn pnt dz rmy rn sg st tn ss ti din chy ts kcg ve
Prefix: a b c d e f g h i j k l m n o p q r s t u v w x y z 0 1 2 3 4 5 6 7 8 9

Portal di Ensiklopedia Dunia

Portal : Agama
Agama
Portal : Bahasa
Bahasa
Portal : Biografi
Biografi
Portal : Budaya
Budaya
Portal : Ekonomi
Ekonomi
Portal : Elektronika
Elektronika
Portal : Film
Film
Portal : Filsafat
Filsafat
Portal : Geografi
Geografi
Portal : Indonesia
Indonesia
Portal : Ilmu
Ilmu
Portal : Lingkungan
Lingkungan
Portal : Masyarakat
Masyarakat
Portal : Matematika
Matematika
Portal : Militer
Militer
Portal : Mitologi
Mitologi
Portal : Musik
Musik
Portal : Olahraga
Olahraga
Portal : Pendidikan
Pendidikan
Portal : Politik
Politik
Portal : Sastra
Sastra
Portal : Sejarah
Sejarah
Portal : Seni
Seni
Portal : Teknologi
Teknologi
Kembali kehalaman sebelumnya