The web app security consortium OWASP published the latest Testing Guide, a manual designed to teach developers how to build and maintain secure applications.

Security misconfiguration is a significant concern, in the OWASP Top 10. During our web application penetration tests, we often discover numerous vulnerabilities of this nature. According to OWASP, ...

OWASP ZAP (Zed Attack Proxy) is an open-source tool designed for finding vulnerabilities in web applications. It supports automated and manual testing, making it suitable for beginners and seasoned ...

Dynamic application security testing (DAST) tools assess the security of web applications by simulating external attacks. In this guide, we will survey the best DAST software on the market today.

As a long-time OWASP member and application security practitioner, I wanted to share my thoughts on how the newly released OWASP Web App Top 10 might impact or influence the updates to the API ...

By categorizing existing and emerging security solutions, it provides organizations with guidance on how to address the risks identified in the OWASP top 10 list for LLM applications effectively.

APIs now account for 40% of the attack surface for all web-enabled apps. OWASP has identified 10 areas where enterprises can lower that risk.

The OWASP AI Exchange serves as an open-source collaborative effort to progress the development and sharing of global AI security standards, regulations, and knowledge.

Chief information security officers now have a new tool at their disposal to get started with AI securely. The Open Web Application Security Project (OWASP) released the LLM AI Cybersecurity & ...