The Open Web Application Security Project (OWASP) is a 501c3 not-for-profit worldwide charitable organization focused on improving the security of application software. Our mission is to make application security visible, so that people and organizations can make informed decisions about true application security risks. Everyone is free to participate in OWASP and all of our materials are available under a free and open software license.
OWASP O - Saft Project O - Saft is an easy to use tool that shows information about SSL connections and the provided SSL Certificates. It's designed to be used by penetration testers, security auditors, or server administrators. The idea is to show the important information, or the special checks, with a simple call of the tool. However, it provides a wide range of options so that it can be used for comprehensive and special checks by experienced people. For more information, please contact the Project Leader, Achim.
New OWASP Project
OWASP Internet of Things Top 10 Project The OWASP Internet of Things (IoT) Top 10 is a project designed to help vendors who are interested in making common appliances and gadgets network/Internet accessible. The project walks through the top ten security problems that are seen with IoT devices, and how to prevent them. For more information, please contact the Project Leader, Daniel Miessler.
Project Review Assistance Required! The OWASP Technical Advisors and the OWASP PM are in the process of reviewing our projects, and we would like to ask for your assistance with this assessment. We would like to ask that you take a bit of time to fill in a short survey that we will use to assess the Usability and Value of each project to its users and the community.
You can find the assessment survey here: Project Usability and Value Assessment For more detailed instructions on how to submit your comments, please contact Samantha Groves. New Project Adoptions This past week, several of our OWASP Projects were adopted by a handful of Leaders. The projects were in the process of being labeled inactive if they did not get adopted by mid-February. Thankfully, our Leaders have agreed to move the projects forward. Below, you will find a list of the adopted projects, and the Leaders that have decided to manage each project.
The OWASP Global platform is being reinforced with steel! The Operations team is working upgrading and consolidating the systems that support YOUR work. More information will be provided in upcoming issues.
Just for Fun
In case you need another excuse to take a break from the keyboard, try to figure out this riddle. Send your answers to our comment desk for a chance to win a really cheezy prize. Winners will be announced in the next connector. Alice and Bob ran a race of 100 yards and Alice won by 5 yards. "It doesn't seem fair," said Bob. "What if I gave you a head start next time?" suggested Alice. Alice started the next race five yards behind the starting line. Both Alice and Bob ran the second race at exactly the same speed as before. What was the result? - Brought to you by Lewis Carroll (Adapted Puzzle)
Thank you to our newest Corporate Member: Monitorapp
In 2014, instead of holding an AppSec LATAM Conference, we are working on organizing a LATAM Tour. Building on the success of 2012 and 2013, the tour will empower the entire LATAM region to collaborate and to raise software security awareness in their region. This year's tour will be held between April 21st and May 9th. Please find additional information regarding the tour and on the scheduled stops by visiting the Tour Wiki Page.
OWASP has partnered with these great events in beginning of 2014 to grow our community and build awareness around software security. If you want to learn more about OWASP's involvement or will be attending and want to help out contact us
Team OWASP OWASP is looking to create a learning environment where security meets developer. Leveraging the functionality of "The Hive" the goal is to establish a global arena to not only perform secure testing of code, but development and testing of solutions.
OWASP Global Webinar
Wednesday, February 5th Jonathan Marcil, project leader and chapter leader will demonstrate the functionality of the OWASP Media platform.. Jonathan will show how to use existing tools and connect them to the existing framework to support the OWASP mission. Register for the 10 am EST Presentation Register for the 9 pm EST Presentation
OWASP Member Spotlight
As an organization driven by it's membership community, it's high time we dedicate some space to recognizing YOU!
Jason Johnson decided to "get involved" in January 2013 by taking leadership of the Oklahoma City chapter. Jason also started "The HIVE" project and is leading the adaptation of this platform to support the new "Team OWASP" initiative. Jason's "elevator pitch:" I work as an Application Performance professional for the government. (no I did not test healthcare.gov) This line of work fuels my love for OWASP because application security is one of the most overlooked key elements in developers code. I am currently in school for computer forensics. I started the OKC Chapter here in Oklahoma and its slowly getting off the ground. The HIVE project started as a secure-ISH solution for projects of all kinds. I really want to push this into education; if students can learn to store things in a crazy secure way even learn to test code or even build up a Pen Testing\Code endorsing secure heap of goodness with the hive I think it will show them the endless possibilities in secure code and spark new ideas. provides.