tags:

views:

48

answers:

2
Q: 

What is OWASP exactly?

Open Web Application Security Project

Promotes secure software development Oriented to the delivery of web oriented services Focused primarily on the “back-end” than web-design issues An open forum for discussion A free resource for any development team

What is it...is it a operating system or a software???

A: 

Neither.

It is an organization that promotes secure software development.

As part of that effort they produce guidelines and software to help with this cause - software for testing and securing software. One piece of software is a live CD - the goal of this part of the project is "to make application security tools and documentation easily available.".

They are primarily concerned with secure web development.

Oded  2010-08-22 08:00:48
OWASP live cd??? is tht a software???
Vinod K  2010-08-22 08:02:06
You do realize that all Operating Systems _are_ software, right?
Oded  2010-08-22 08:03:57
ya...i owasp and linux with gui looks the same..then why dont they call OWASP an OS...
Vinod K  2010-08-22 08:33:04
Becuase OWASP is not the same as the live CD. The live CD is _part_ of what OWASP produce. The live CD contains some of what OWASP makes.
Oded  2010-08-22 08:41:32
+1  A: 

From the OWASP landing page:

The Open Web Application Security Project (OWASP) is a 501c3 not-for-profit worldwide charitable organization focused on improving the security of application software

(If you are not familiar with the designation "501c3", it is a U.S. legal term that means that donations to the organization are tax deductible.)

More, from their About page:

The Open Web Application Security Project (OWASP) is an open community dedicated to enabling organizations to conceive, develop, acquire, operate, and maintain applications that can be trusted. All of the OWASP tools, documents, forums, and chapters are free and open to anyone interested in improving application security. We advocate approaching application security as a people, process, and technology problem because the most effective approaches to application security include improvements in all of these areas. We can be found at www.owasp.org.

OWASP is a new kind of organization. Our freedom from commercial pressures allows us to provide unbiased, practical, cost-effective information about application security. OWASP is not affiliated with any technology company, although we support the informed use of commercial security technology. Similar to many open-source software projects, OWASP produces many types of materials in a collaborative, open way. The OWASP Foundation is a not-for-profit entity that ensures the project's long-term success.

GreenMatt  2010-08-22 08:04:04
owasp live cd and linux with gui looks the same..then why dont they call OWASP live cd an OS
Vinod K  2010-08-22 09:19:58

related questions

How to prevent 'DROP BOBBY TABLES' when user enters a password with special characters?
Why Open Redirect URLS?
AntiSamy is allowing An encoded Script alert to get by? How to block?
How to not transform special characters to html entities with owasp antisamy
Best libraries/practices to prevent OWASP Top 10 Vulnerabilities
Javascript Comments are security risk?
SQL Injection Protection for dynamic queries
OWASP Regex Repository: Is this regex correct?
How do you protect against specific CSRF attack
CSRF (Cross-site request forgery) attack example and prevention in PHP
What is the difference between a countermeasure and a control?
XSS - SQL Injection -- Owasp vs AntiXss Vs Microsoft Anti-Cross Site Scripting Library
OWASP Consider regenerating a new session upon successful authentication or privilege level change.
PCI/DSS: Data at Rest
What is the SQL Server equivalent to Oracle's Virtual Private Database?
Secure XML Parsers
Best Practices for defining PatternLayout when using Log4j SyslogAppender
Attacking websites without leaving an audit trail.
Ruby on Rails and Security