LOGBOOK

HELP

Quiz Entry - updated: 2026.07.05

What is OWASP and what are some of its key projects?

OWASP (Open Worldwide Application Security Project) is a non-profit that publishes free, vendor-neutral tools, standards, and guidance for building secure software — its best-known output is the Top 10 list of web app risks.

Why it matters: web security advice is otherwise scattered and often tied to a vendor selling a product. OWASP fills that gap with community-driven, openly licensed resources that developers and auditors worldwide treat as a common baseline. Concretely, if you need to know how to do something securely, there's usually an OWASP Cheat Sheet for it; if you need to test an app, there's ZAP.

Key projects:

  • Cheat Sheet Series - Security best practices
  • Dependency Track - Component vulnerability monitoring
  • OWASP SAMM - Software Assurance Maturity Model
  • SecurityShepherd - Security training platform
  • Security Knowledge Framework (SKF) - Security requirements
  • ZAP - Web application security scanner
  • ModSecurity Core Rule Set - WAF rules
  • Top10 - Most critical security risks

Go deeper:

  • doc OWASP (Wikipedia) — encyclopedic overview of the foundation, its history, and its flagship projects.

From Quiz: SPRG / OWASP Top 10 | Updated: Jul 05, 2026