#owasp

Migrating from CRS 3.3 to CRS 4.25 LTS — Part 2: Configuration This is Part 2 of the CRS 3.3 → 4.25 LTS migration series. Part 1 provided an overview of the migration. This post covers the crs-setup.conf changes — the most immediately breaking part of the upgrade for most operators. If you take one thing from this post: do not reuse your CRS 3 crs-setup.conf with CRS 4 without reviewing every variable in it. Some variables were renamed, some were removed, and several new ones are required for features that did not exist in CRS 3.

20 hours ago

#OWASP Global #AppSec EU call for volunteers is now open! If you are interested in helping the foundation host this event, sign up today: owasp.wufoo.com/form...

#cybersecurity #devsecops

0 0 0 0

@coreruleset.bsky.social

1 day ago

Part 2 of the CRS 3→4 migration series: configuration. Don't reuse your old crs-setup.conf — variables were renamed, split, and added. Post includes a full checklist and an interactive migration tool.
coreruleset.org/2026...
#OWASP #CRS #WAF #AppSec

0 0 0 0

1 day ago

Learn again more on AI Security at OWASP BASC

Dan D'Avella will talk about Autonomous Remediation using AI Security Agents.

Check out more at www.basconf.org

#owasp #basc2026 #basconf #appsec

0 0 0 0

1 day ago

Our #OWASP February Virtual 25th Anniversary videos are now live! www.youtube.com/play...

#cybersecurity #appsec #devsecops

1 0 0 0

iX-Workshop: OWASP Top 10 – Sicherheitsrisiken für Webanwendungen verstehen Lernen Sie die wichtigsten Sicherheitslücken in Webanwendungen kennen und erfahren Sie, wie Sie sich erfolgreich schützen können.

2 days ago

Exciting news from @infosecmap@bird.makeup

🎙️ Podcasts & Live Streams: all cybersecurity talks & shows in one searchable hub.
And don't forget to explore the OWASP Hub: chapters, events, meetups & trainings worldwide.

infosecmap.com/owasp/

#InfoSecCommunity #LiveStreams #OWASP

3 0 0 0

@ixmagazin.bsky.social

2 days ago

Lernen Sie die wichtigsten Sicherheitslücken in Webanwendungen kennen und erfahren Sie, wie Sie sich erfolgreich schützen können. #OWASP

0 0 0 0

2 days ago

Learn all about AI Security at OWASP BASC

Jonathan Dutson will talk about how Agentic Workflows can be compromised

Check out more at www.basconf.org

#owasp #appsec #basconf #basc2026

0 0 0 0

3 days ago

Last Day to buy tickets! Last few tickets left!

Grab your chance to listen and meet experts in application security and get some new skills. Buy your ticket at www.basconf.org — ticket refunded at check-in!

#appsec #basconf #owasp #basc2026

0 0 0 0

3 days ago

Up your game in auditing applications at OWASP BASC

Michael Kreuger is conducting a workshop to learn how to audit your application for SDKs in it.

Check out more at www.basconf.org

#owasp #basconf #basc2026 #appsec

0 0 0 0

3 days ago

Tomorrow is the last day to buy BASC tickets!

Grab yours at www.basconf.org and get access to a day full of talks, workshops and a chance to win some amazing raffle prizes.

#appsec #basc2026 #basconf #owasp

0 0 0 0

@aleksei-aleinikov.bsky.social

4 days ago

Learn some new skills at OWASP BASC

Tony Quadros will be conducting a hands on workshop on writing custom static analysis rules

Check out more at www.basconf.org

#appsec #basconf #basc2026 #owasp

0 0 0 0

Aleksei Aleinikov

5 days ago

How Google Cloud Armor Helps Close OWASP Top 10 Risks in 2026 Most teams don’t fail OWASP because they ignore it. They fail because they can’t turn it into enforcement.

A useful point on Google Cloud Armor: OWASP awareness is not enough without enforcement. Strong edge controls can help reduce injection attempts, abusive automation, and pressure on fragile apps.
medium.com/google-cloud...
#CloudSecurity #GoogleCloud #GCP #OWASP #DevSecOps

0 0 0 0

Bill

@sempf.infosec.exchange.ap.brid.gy

5 days ago

Full Disclosure: [CVE-2026-33691] OWASP CRS whitespace padding bypass vulnerability

Kine of a neat vulnerability discovered in the OWASP Common Rule Set. Test your stuff on Windows folks!

https://seclists.org/fulldisclosure/2026/Apr/0

#owasp #cve

1 0 0 0

GenAI Security Project ramps up guidance for AppSec teams New resources for providing practical guidance and tools for securing generative and agentic AI have been released by OWASP's GenAI Securi...

5 days ago

Dive into the world of SBOMs at OWASP BASC

Kelli Schwalm will speak on how to tell if your SBOM is wrong.

Check out more at www.basconf.org

#owasp #appsec #basconf #basc2026

0 0 0 0

John P. Mello Jr.

@jpmjr.bsky.social

5 days ago

AI risks are evolving fast and OWASP's GenAI Security Project is keeping pace—new red-teaming taxonomy, 200+ mapped solutions, and updated guidance for AppSec teams. jpmellojr.blogspot.com/2026/04/gena.... #AppSec #GenAI #OWASP #AISecurity

1 0 0 0

5 days ago

Only 3 days left to secure your ticket to the application security conference. Spend a day learning from 18 talks, 4 expert‑led workshops, and enjoy raffle prizes. Buy at www.basconf.org — ticket refunded at check-in!

#appsec #basconf #owasp #basc2026

0 0 0 0

5 days ago

Learn about traditional and non traditional methods of AppSec

Gaurav Kulkarni will talk about how variant hunting redefines vulnerability management

Check out more at www.basconf.org

#appsec #owasp #basconf #basc2026

0 0 0 0

Cybersecurity News Everyday

6 days ago

Big thank you to our Platinum sponsor NowSecure !

NowSecure provides a full suite of security and privacy testing solutions purpose-built for mobile apps.
Want to sponsor OWASP BASC 2026? Check out our website www.basconf.org

#owasp #basc #basc2026 #appsec

0 0 0 0

@hendryadrian.bsky.social

6 days ago

Workshop Resources: OWASP Threat and Safeguard Matrix (TaSM) The Cybersecurity Club hosted a global workshop led by Ross Young to introduce OWASP's Threat and Safeguard Matrix (TaSM), a practical framework that maps material threats to safeguards aligned with the NIST Cybersecurity Framework. Attendees worked through phishing, ransomware, web application attacks, third‑party data loss, and AI data‑leak scenarios involving ChatGPT and Google Gemini to identify coverage gaps, prioritize investments, and explore AI automation from Clear Capabilities. #OWASP #TaSM #RossYoung #ClearCapabilities #ChatGPT #GoogleGemini #NIST

Ross Young led a global workshop on OWASP’s Threat and Safeguard Matrix (TaSM), linking threats like phishing, ransomware, and AI data leaks to safeguards aligned with NIST standards. #OWASP #AIsecurity #USA

0 0 0 0

OWASP PTK Findings as ZAP Alerts (Juice Shop Walkthrough) OWASP PTK 9.8.0 and the ZAP OWASP PTK add-on 0.3.0 now let ZAP display OWASP PTK findings directly as ZAP Alerts. This post shows how to install the add-on, choose which PTK rules to run (SAST / IAST ...

6 days ago

Only 4 days left to buy your ticket to the application security conference. Spend a day learning with 18 talks, 4 workshops led by experts, plus raffle prizes. Purchase at www.basconf.org — ticket refunded at check-in! #appsec #basconf #owasp #basc2026

0 0 0 0

ZAP by Checkmarx

@zaproxy.org

1 week ago

This is huge!
www.zaproxy.org/blog/2026-04...
OWASP PTK massively increases ZAP’s browser side testing capabilities .. and automation is up next!
Many thanks to Denis Podgurskii for this great integration.
#zaproxy #owasp #appsec

6 2 0 0

1 week ago

We have some interesting sessions on Threat Modeling as well

Alok Tibrewala will talk about Threat Modeling Development Workflow using Autonomous Code Generation

Check out more at www.basconf.org
#owasp #basc2026 #basconf #appsec

0 0 0 0

German OWASP Day 2026

1 week ago

We’ve been working on something special…

🌟 Our first Impact Report is here!
Real stories, real voices, real impact, all made possible by you.

📄 owasp.org/assets/fil...

We are very proud of this one. Excited for what’s next 💪❤️

#OWASP #Impactreport #community #opensource #infosec #appsec

1 0 0 0

OWASP Germany Chapter

@owasp-de.bsky.social

1 week ago

Der diesjährige German #OWASP Day findet am 24.9.2026 in Karlsruhe statt .Am Vortrag bieten wir Community Trainings an, die letztes Jahr sehr gut angenommen wurden

Der CfT für 2026 ist bereits offen - bis zum 12.4. god.owasp.de/2026/cft.html

#Appsec #infosec #security #devsec #AI #LLM #SDLC #CISO

0 0 1 0

OWASP Germany Chapter :verified:

@owasp-de.infosec.exchange.ap.brid.gy

1 week ago

Original post on infosec.exchange

Hallo AppSec-Community!

Unsere Vorbereitungen für den German #OWASP Day 2026 (GOD) sind in vollem Gange. Wie einige vielleicht bemerkt haben, die Webseite ist live (und wie üblich in Farbe): https://god.owasp.de/2026 .
Der diesjährige GOD findet am 24.9.2026 in Karlsruhe statt (Konferenztag mit […]

0 1 1 0

1 week ago

Get engaged in some intense discussions on AppSec

Kathan Shah & Nikunj Doshi will show us what are the hidden blindspots in an AppSec Program

Check out more at www.basconf.org

#owasp #basc2026 #basconf #appsec

0 0 0 0