Thursday, February 8, 2018

Board decision on the NYC RFP

OWASP Community,

Yesterday your elected board decided not to have OWASP support an RFP to build a cybersecurity center of excellence in NYC.  The local NYC OWASP community did an awesome job working to meet the RFP requirements and assembling a team and a detailed proposal.

The team presented the submission generally during the past OWASP BOD call February 7th and in all details during the executive meeting afterwards.
We decided (unanimously) not to support the proposal at an organizational level for a couple of very basic reasons:
  1. The activities would be geographically focused in NYC. As a global entity, we should prioritize activities with a global interest.
  2. The activities potentially involve a commercial interest which we feel can introduce a conflict of interest to our mission.
  3. The foundation has substantial commitments and existing priorities with AppSec conferences, Projects and Chapters, which are already stressing our existing resources. 
  4. We believe both the RFP process and further work around this initiative would be a significant amount of work for the Foundation staff, which could introduce risk to the core mission of OWASP.
With decisions that involve large amounts of effort, money and direction we expect people to have strong opinions and ideas.  We feel an acute responsibility as your elected board to work to make the best decisions we can for the global OWASP community - to direct our activities and funds toward our mission, which is an open global application security community.  We deeply appreciate everyone’s contributions.

Thank you.

On behalf of the OWASP BOD,
    Martin Knobloch
OWASP Chairman of the BOD

Thursday, February 1, 2018

January 2018 Corporate Members

January 2018  Corporate Members

We would like to thank the companies below for supporting the OWASP Foundation.  
These companies have recently contributed by either renewing their existing 
Corporate Membership or joining OWASP as a new Corporate Member. 
Details about Corporate Membership can be found here.

Contributor Corporate Members

Avi Networks completes enterprises’ digital transformation with its software load balancer, intelligent Web Application Firewall, and modern application services. The Avi Vantage Platform is deployed across data centers and clouds, delivering better elasticity, intelligence, and cost savings by providing granular per-tenant and per-app services. Customers enjoy 5X faster application rollouts, actionable analytics, and 70% lower costs. Visit to learn more.

Cybozu is a Japanese cloud computing vendor founded in 1997. Its service supports effective team collaboration hence our services are widely used from large-scaled teams like multinational enterprises to small-scaled teams like volunteer groups, clubs even families. “kintone” is one of the Cybozu’s key products released in 2011. It is called "no-code application platform" which makes work more productive through business applications. It is recognized as one of the leading vendors in” Gartner 2016 Enterprise application Platform as a Service (aPaaS), Worldwide Magic Quadrant”. Cybozu has been focusing on security enhancement. It has started "bug bounty project" in 2013 to find any vulnerabilities which may exist in its product in order to provide its customers with the most secure service possible. To learn more, please visit:

HackerOne ( is the #1 hacker-powered security platform, helping organizations receive and resolve critical vulnerabilities before they can be exploited. More than 1,000 organizations, including the U.S. Department of Defense, U.S. General Service Administration, General Motors, Twitter, GitHub, Nintendo, Panasonic Avionics, Qualcomm, Square, Starbucks, Dropbox and the CERT Coordination Center trust HackerOne to find critical software vulnerabilities. HackerOne customers have resolved over 57,000 vulnerabilities and awarded over $22M in bug bounties. HackerOne is headquartered in San Francisco with offices in London and the Netherlands. Visit to learn more.

To learn more about Kenna Security, please visit

Interested in learning how to get your company name posted here? 

Find out how by visiting our Corporate Member page, or contact Kelly Santaluciaour Membership & Business Liaison today!