Take advantage of our resources and Let it grow with OWASP
Upcoming Events
May 26 - 30, 2025 (CEST) // Barcelona, Catalunya, Spain
OWASP Global AppSec EU 2025
A must-attend event for Cybersecurity Professionals
Training Date - May 26-28, 2025
Conference Dates - May 29-30, 2025
November 3 - 7, 2025 (EST) // Washington, District of Columbia, United States
OWASP EUROPE - Italy Day 2025
OWASP EUROPE will host the OWASP Italy Day 2025 on June 19th. It will be a full-day event dedicated to application security (AppSec)!
OWASP Italy Day 2025 will be in Cagliari. This was a free, one-day, informal event aimed at increasing awareness and knowledge of web application security.
The event is primarily intended to appeal to security professionals, software developers, software quality engineers, and computer science students with a strong interest in computer security.
November 3 - 7, 2025 (EST) // Washington, District of Columbia, United States
OWASP 2025 Global AppSec USA (Washington, DC)
Training Dates - November 3-5, 2025
Conference Dates - November 6-7, 2025
Get ready for the ultimate cybersecurity experience at the OWASP Global AppSec US Conference in Washington, D.C.!
Chapter Listing
OWASP Local Chapters
OWASP Local Chapters build community for application security professionals around the world. Our Local Chapter Meetings are free and open to anyone to attend so both members and non-members are always welcomed. Local meetings include:
* Training to improve your skills
* Talks relevant to your work
* Networking opportunities
Chapter pages on this site have general information and leader contact info. Local meeting RSVPs are handled through: https://meetup.com/pro/owasp
Africa
Asia
Europe
South America
North America
Central America
SPOTLIGHT
ARNICA
Arnica integrates across your software supply chain and provides the necessary context, prioritization, ownership, and actionability to proactively mitigate risks. In addition to providing complete reports around code risk, excessive permissions, vulnerable dependencies, code repository misconfigurations, anomalous developer behavior, and more, Arnica’s pipelineless approach eliminates these risks in a blameless and shameless way by interacting directly with the developers in real-time to stop any new risks from entering your source code while also helping resolve your risks backlog.
Equixly
Equixly helps developers and organizations create more secure applications, increase their security posture, and spread knowledge of new vulnerabilities. Equixly offers a SaaS platform that allows integrating API security testing within the software development lifecycle (SLDC) to detect flaws, reduce bug-fixing costs, and exponentially scale penetration testing upon every new functionality released. The platform can automatically perform API attacks leveraging a novel machine learning (ML) algorithm trained over thousands of security tests. Then, Equixly returns near-real-time results and a predictive remediation plan that developers can use to fix their application issues autonomously.
Root
Root is the fastest way to achieve software acceptance and zero vulnerabilities. We are a robust two-sided SaaS platform designed to enhance transparency and trust in application security. By seamlessly integrating with your existing tools like vulnerability scanners, ticketing systems, and CI/CD pipelines, Root streamlines the security verification process, enabling quicker acceptance of software releases through clear communication and effective collaboration.
Heeler
Application security teams and developers don’t need more findings—they need actionable context to effectively shift left. Heeler puts application security teams in control by unifying code, runtime, business, and security context to operationalize shift-left efforts. By combining ASPM, static and runtime SCA, and runtime threat modeling, Heeler reduces vulnerability noise by 95% and ensures high-impact risks are caught before they reach production.
Fortify
Fortify Application Security provides your team with solutions to promote DevSecOps best practices, enable cloud transformation, and secure your software supply chain. As the sole code security solution with over two decades of expertise and acknowledged as a market leader by all major analysts, Fortify delivers the most adaptable, precise, and scalable AppSec platform available, supporting the breadth of tech you use while integrating into your preferred toolchain. With Fortify, go beyond check the box security because your great code demands great security.
SKUDONET
SKUDONET is a leader in Open Source Load Balancer, Web Application Firewall, and API security. Our solution integrates an operating system level, transforming into a Load Balancer that reduces latency and simplifies configuration. This integration allows for maximum utilization of the system’s resources, making it ideal for companies seeking efficient deployment and superior performance, especially in Local and Global Server Load Balancing (LSLB and GSLB) environments and hybrid cloud deployments. SKUDONET is different because of its efficiency, cost transparency, advanced algorithms for efficient balanced traffic, protection, SSL Auditing, and offloading extending with Free Open Source and Enterprise Versions.
ThreatSpike Labs
ThreatSpike's mission is to make great security available to every company, regardless of their size or budget. This is achieved through innovative technology solutions wrapped in easy to consume, fixed price managed services. ThreatSpike provides two core services - ThreatSpike Blue, a managed detection and response SOC service running on an in-house developed technology platform; and ThreatSpike Red, the first managed service for penetration testing which provides affordable, all year round testing by experts.
contact us
Get Connected With Us
Most answers you might have about the OWASP Foundation can be found by searching this website. Another path to find information is to visit our sitemap. The most common questions can be answered through the links below.