The OWASP Top 10 is a standard awareness document for developers and web application security. It represents a broad consensus about the most critical security risks to web applications.

Applied to software, it enables informed decision-making about application security risks. In addition to producing a model, typical threat modeling efforts also produce a prioritized list of security …

OWASP SAMM and the SAMM v2 release is the open source software security maturity model used to develop secure software for IT, application and software security technologists.

The OWASP Secure-by-Design Framework provides practical guidance to embed security into software architecture from the start—long before code is written.

This is the repository for the OWASP Top 10 for Large Language Model Applications. However, this project has now grown into the comprehensive OWASP GenAI Security Project - a global initiative …

The fundamental principles of application security rely on the security concepts referenced in this developer guide. This section aims to provide an introduction to fundamental principles that any …

Cloud Architecture Security Cheat Sheet Introduction This cheat sheet will discuss common and necessary security patterns to follow when creating and reviewing cloud architectures. Each section …

This document describes a structured approach to application threat modeling that enables you to identify, quantify, and address the security risks associated with an application.

Secure applications properly - Add identity-aware proxies and web application firewalls (WAFs) that make security decisions based on who's trying to access what, not just where they're connecting from.

The OWASP Top 10 for Large Language Model Applications started in 2023 as a community-driven effort to highlight and address security issues specific to AI applications.