One project that everyone who knows of OWASP knows about is its Top 10 web security risks. The latest version is dated 2017, although work has begun on the next version, dated 2021. If you are interested in contributing or following along, you can at https://github.com/OWASP/Top10/contributing. One of the best things about OWASP is that they are Open; this is the community working together. Did you know there is an OWASP Top 10 Mobile threats as well? The OWASP Mobile Security Project has many other projects aside from the Top 10. For example, there is a platform for people to practice their iOS penetration testing skills called ‘Damn Vulnerable iOS Application.’ It has 21 different exercises that you can practice your skills on, covering everything in the Top 10 mobile risks list.
The recent attack on the Colonial Pipeline was not unexpected. The US Government also knew that this was possible. For most, if not all, information security professionals, it was not a shock that this occurred. OWASP has also committed to working with the community to secure, among other things, the critical infrastructure ISVs (Independent Software Vendors). More attacks will occur; we must secure our voting systems, infrastructure, defense, and supply chain.
Projects
There are many more terrific projects to explore at OWASP! Look for our next posts on OWASP!