Where should you start with web security?

When I first started looking into security within web applications years ago, there really was no resource that you could take advantage of. This has now changed with OWASP. Their mission is to make application security visible, so that people can make informed decisions. OWASP is a 501(c)(3) organization using mostly volunteers. They have over 130 local chapters worldwide that hold meetings to discuss application security; some chapters hold conferences as well. They have over 100 projects in many stages, all carrying the goal of improving application security. OWASP also creates a large number of tools and guides to encourage building applications more securely. The OWASP Development Guide and the OWASP Top Ten are essential reading for developers. Other projects such as OWASP’s Enterprise Security API (ESAPI) and WebGoat are also essential tools in web security. I will be posting articles that talk about each of their projects over the next few months. I encourage you to check out your local OWASP Chapter.
