
OWASP Top Ten | OWASP Foundation
Nov 6, 2025 · The OWASP Top 10 is a standard awareness document for developers and web application security. It represents a broad consensus about the most critical security risks to web …
Threat Modeling - OWASP Foundation
Applied to software, it enables informed decision-making about application security risks. In addition to producing a model, typical threat modeling efforts also produce a prioritized list of security …
OWASP SAMM | OWASP Foundation
OWASP SAMM and the SAMM v2 release is the open source software security maturity model used to develop secure software for IT, application and software security technologists.
OWASP Secure by Design Framework
Without intentional, principle-based design, security controls become inconsistent, bolt-on, and fragile—leaving gaps that can be exploited. This project provides a structured, repeatable, and …
Security fundamentals - OWASP Developer Guide
The fundamental principles of application security rely on the security concepts referenced in this developer guide. This section aims to provide an introduction to fundamental principles that any …
OWASP AI Testing Guide
Nov 26, 2025 · Because of these complexities, the industry is converging on the principle that: Security is not sufficient, AI Trustworthiness is the real objective. This OWASP AI Testing Guide …
Secure Cloud Architecture - OWASP Cheat Sheet Series
Cloud Architecture Security Cheat Sheet: Introduction. This cheat sheet will discuss common and necessary security patterns to follow when creating and reviewing cloud architectures. Each section …
Threat Modeling Process - OWASP Foundation
This document describes a structured approach to application threat modeling that enables you to identify, quantify, and address the security risks associated with an application.
OWASP Top 10 for Large Language Model Applications
This is the repository for the OWASP Top 10 for Large Language Model Applications. However, this project has now grown into the comprehensive OWASP GenAI Security Project - a global initiative …
It is probably the only comprehensive rule set of its type available in an open source form and therefore provides an important opportunity to examine the effectiveness of a negative security model for web …