What is OWASP
The Open Web Application Security Project (OWASP) is a worldwide non-profitable charitable organization focused on improving the security of software. The OWASP community includes corporations, educational organizations, and individuals from all over the world. These communities work to create articles, methodologies, documentation, tools, and technologies and make them freely available to everyone to use and benefit from. OWASP does not endorse or recommend commercial products or services, allowing OWASP community to remain vendor neutral with the collective wisdom of the best minds in software security worldwide. All OWASP expenses are covered by conferences, memberships, corporate sponsors and banner advertisements.
OWASP’s Mission and Core Values
OWASP’s mission is to make software security visible, so that individuals and organizations worldwide can protect themselves and make informed decisions about software security risks. Since its creation, OWASP always followed and supported 4 main values:
- OPEN: Everything at OWASP is totally transparent from finances to code.
- INNOVATION: OWASP encourages and supports innovation/experiments for solutions to software security challenges.
- GLOBAL: Anyone around the world is encouraged to participate in the OWASP community.
- INTEGRITY: OWASP is an honest and truthful, vendor neutral, global community.
OWASP Project Inventory
OWASP’s projects cover many aspects of application and software security. The main purpose of the projects is to create documents, tools, teaching environments, guidelines, checklists, and other materials to help organizations improve their capabilities to produce secure code. OWASP currently has over 142 active projects, and new project applications are submitted every week.
All OWASP tools, document, and code library projects are organized into the following categories:
- Incubator Projects: it is the experimental playground where projects are still being fleshed out, ideas are still being proven, and development is still underway.
- Lab Projects: They produce an OWASP reviewed deliverable prototypes, while they are still not production ready.
- Flagship Projects: The OWASP Flagship designation is given to projects that have demonstrated superior maturity, established quality, and strategic value to OWASP and application security as a whole.
OWASP Top Ten
One of the main Flagship projects owned by OWASP is the Top Ten project. The project’s main purpose is to represent a list of the most critical web application security flaws and their possible solutions. The project provides powerful awareness documentation for web application security. Project members include a variety of security experts from around the world who have shared their expertise to produce this list. The 2013 top ten is available in Arabic in addition to many other languages.
How to participate
Are you an application developer? Are you a security researcher? Do you have an idea but just need contributors to make it reach the real word? Everyone is free to participate in OWASP and all of the materials are available under a free and open software license. OWASP global group of volunteers are over 36,000 participants. If you want to be part of the OWASP community, you have one of the following three options:
- Join a project: This is the most popular divisions of OWASP as it gives members an opportunity to freely test theories and ideas with the professional advice and support of the OWASP community. Everyone is welcomed to contribute to any of OWASP’s open projects.
- Edit a page: OWASP is a wiki; there are thousands of active wiki users around the globe who review the changes to ensure quality. If you see a page that needs some clarification or better information then you are welcome to edit it.
- Global Initiatives: The OWASP Global Initiates program was established to provide easy access for volunteers interested in contributing in OWASP. There are a variety of items that need volunteers.
OWASP Egypt Chapter
To be part of these worldwide active projects and to transfer all this knowledge and experience to the Egyptian application security industry, the Egyptian Chapter of OWASP is here to be the starting point for all the Egyptian contributors to be part of the OWASP projects and to benefit from the local and international expertise in this field.
Attending our chapter meetings is FREE and OPEN to anyone; OWASP membership is NOT required to do so. The Egyptian Chapter will have bimonthly meetings. So simply sign up on the mailing list, watch for the next meeting, stop by to introduce yourself, ask questions and collaborate. The Egyptian Chapter’s opening meeting will be held at ITI in March. New ideas will be discussed and groups will be created to work on actual projects. Also away from the regularly meetings, educational workshops will be held to make real benefit for all the contributors.
OWASP Cairo Chapter Leader
Team Leader – Information Security