Who is the OWASP® Foundation? The Open Web Application Security Project® (OWASP) is a nonprofit foundation that works to improve the security of software. Through community-led open source software projects, hundreds of local chapters worldwide, tens of thousands of members, and leading educational and training conferences, the OWASP Foundation is the source for developers and technologists to secure the web. Tools and Resources

Community and Networking

Education & Training For nearly two decades corporations, foundations, developers, and volunteers have supported the OWASP Foundation and its work. Donate, Join, or become a Corporate Member today.

Project Spotlight: Mobile Security Testing Guide The OWASP Mobile Security Testing Guide (MSTG) is a comprehensive manual for mobile app security testing and reverse engineering for the iOS and Android platform, describing technical processes for verifying the controls listed in the MSTG’s co-project Mobile Application Verification Standard (MASVS). The MASVS defines a mobile app security model and lists generic security requirements for mobile apps while the MSTG serves as a baseline for manual security testing and as a template for automated security tests during or after development. Included with the MSTG, the Mobile Security Hacking Playground is a collection of iOS and Android mobile apps, that are intentionally built insecure. These apps are used as examples to demonstrate different vulnerabilities explained in the MSTG. Learn more about the MSTG and the MASVS.