The Open Worldwide Application Security Project (OWASP) is a nonprofit foundation that works to improve software security. Founded in 2001, it is a community-led, open-source initiative that offers web application security resources, networking, education, and training to fellow developers. It's an example of the amazing things that are achieved through the open-source community.

OWASP’s Top Ten web application security risks

OWASP is perhaps most famously known for producing the OWASP Top Ten, a standard awareness document for developers and web application security. The list represents a broad consensus about what the most critical security risks are to web applications.

Because web application security is an ever-evolving field that changes as new HTML, JavaScript, and browser features are released, the most important security risks also change over time. OWASP takes the changing security landscape into consideration and updates the ranked list every so often. For example, as browser features improve, particular vulnerabilities become easier to address and slide down in importance. Additionally, other security categories are renamed or combined as the scope changes.

Get hands-on with 1400+ tech skills courses.