What is OWASP?

OWASP stands for Open Web Application Security Project.

OWASP is a worldwide non-profit organization focused on improving the security of software, their mission is to make software security more visible.

Everyone can participate in OWASP and all their material is free and under open software license. You can find everything about OWASP here. OWASP does not endorse or recommend commercial products or services.



OWASP has for many years been the place for many people around the world who all share a common interest, namely software security.

OWASP has many different projects which all have one thing in common and that is to improve security in software no matter where or how this is developed, this can only be achieved due to all the people who are behind.



How to use OWASP?

OWASP has developed many good tools to help improve security in the software, among them include OpenSAMM, TOP 10, ESAPI and ASVs.

OWASP has with, among other things, OWASP TOP 10 made it possible to see the 10 most used attack methods against Web-based solutions on a world plan, they have created this list from the data they collect from businesses worldwide, and this list is then updated every two to three years.


Who should use OWASP?

All companies that have focused on Data Security should know of OWASP.

OWASP covers many areas of Data Security, but if a company has a Web-based solution (even if this is just a website) it should be checked for the existence of vulnerabilities in the OWASP TOP 10 list.

Arama Consult has chosen to have focus on the OWASP TOP 10 since we help many of our clients find and correct errors in web-based solutions, thus we have chosen to have the latest Top 10 lists on our website.

Arama Consult has chosen to list OWASP TOP 10 lists from 2007, 2010 and 2013. We have created a table with the developments over the past years.