Short for Open Web Application Security Project, an open source community project set up to develop software tools and knowledge-based documentation for Web application security. Some of the project��s work includes:
- A guide to define security requirements to build secure Web applications.
- Developing an industry standard testing framework for Web application security.
- VulnXML - A standard data exhange format to allow commercial, open source and research tools to communicate and interoperate.
- Web Scarab - An open source enterprise-level Web application scanner.
- Developing a component-based approach to filtering malicious input and output to a Web application.
- Web Maven - An intentionally insecure Internet bank users can download and learn from.
All of the project��s software and documentation is released under the GNU GPL, and the project is staffed entirely of volunteers.