ALGARVE, PORTUGAL, November 7, 2008 – The Open Web Application Security Project (OWASP) today announced results from the annual OWASP Summit. Over 80 application security experts from over 20 countries joined forces to identify, coordinate, and prioritize our 2009 efforts to create a more secure Internet.
OWASP is a free and open community that focuses on improving application security. There is overwhelming evidence that the vast majority of web applications contain security holes that are increasingly putting people and organizations at serious risk. Securing web applications is an extraordinarily difficult technical challenge that demands a concerted effort.
“OWASP came together for a week and produced a stunning amount of new ideas,” said OWASP Chair Jeff Williams. “Our community is growing and organizing into a powerful movement that will affect software development worldwide. This summit marks a major milestone our efforts to improve application security.”
Key results from the OWASP Summit include:
New Free Tools and Guidance – OWASP announced the release of Live CD 2008, many new testing tools, static analysis tools, the Enterprise Security API (ESAPI v1.4), AntiSamy, the Application Security Verification Standard (ASVS), guidance for Ruby on Rails and Classic ASP, international versions of our materials, and much more.
New Outreach Programs – OWASP has expanded its outreach efforts by building relationships with technology vendors, framework providers, and standards bodies. In addition, we piloted a new program to provide free one-day seminars at universities and developer conferences worldwide.
New Global Committee Structure – OWASP recognized the extraordinary contribution of our most active leaders by engaging them to lead a set of seven new committees. Each democratically established committee will focus on a key function or geographic region, such as OWASP projects, conferences, local chapters, and industry outreach.
The full results of the summit will be captured and released as a report from OWASP in the next few weeks. We will put these results out for comment for 30 days and then ratify them. For more information about all the activities and accomplishments at the OWASP Summit, please visit www.owasp.org.
The Open Web Application Security Project (OWASP) is a worldwide free and open community focused on improving the security of application software. Our mission is to make application security visible, so that people and organizations can make informed decisions about application security risks. Everyone is free to participate in OWASP and all of our materials are available under a free and open software license. The OWASP Foundation is a 501c3 not-for-profit charitable organization that ensures the ongoing availability and support for our work. Find out more at http://www.owasp.org.