As the OWASP Foundation navigates its third decade of existence, many application security experts and OWASP volunteer contributors say it's time for the organization to make some big changes to stay ...

Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with content, and download exclusive resources. Andres Almiray, a serial open-source ...

When Nandakishore Leburu was building LLM applications at LinkedIn, he learned that the models weren't the problem. The ...

Nonprofit foundation Open Web Application Security Project (OWASP) has released an updated draft of its ranking of the top 10 vulnerabilities, the first changes to the list since November 2017. The ...

2021 saw a major revamp of the OWASP top 10 most critical and severe application security risks. The first article in this series examined the new methodology that OWASP used to derive its ranking.

The open-source project maps directly to OWASP’s top 10 agentic AI threats, aiming to curb issues like prompt injection, ...

The viability of the Open Worldwide Application Security Project for the modern open-source software landscape has been called into question. For more than two decades, the Open Worldwide Application ...

Deepfakes and other generative artificial intelligence (GenAI) attacks are becoming less rare, and signs are pointing to a coming onslaught of such attacks: Already, AI-generated text is becoming more ...

The OWASP Foundation has disclosed a data breach after some members' resumes were exposed online due to a misconfiguration of its old Wiki web server. Short for Open Worldwide Application Security ...

Traditional methods of protecting IT networks and data, including firewalls, zero trust and two-factor authentication involving verification on the same device twice, are failing to provide essential ...