OWASP Members change the world. Your membership helps shape the organization and drives our projects and community. If you are not a member or are due for renewal within 60 days, please join or renew today and get 10-25% off! https://t.co/87vap2mFAl > Memberships > Apply

Earlier today, Technical Committee 54 was officially convened within @EcmaIntl as a royalty-free task group. #TC54 is chartered with standardizing #OWASP @CycloneDX_Spec, standards and algorithms that advance transparency and sharing of this information across the supply chain.

We published OWASP's response to the ONCD RFI on Open Source Security, mainly to do with memory-safe languages. More details: https://t.co/e9howUWpw8 A huge thank you to all the OWASP Leaders who contributed. For media, please contact me on andrew.vanderstock@owasp.com

We’re proud to announce the immediate availability of the SCVS BOM Maturity Model. The model allows organizations to evaluate #SBOM quality and mature and optimize their investment in software and system transparency. https://t.co/B9sx3QddLW #OWASP

We’re proud to announce the immediate availability of the SCVS BOM Maturity Model. The model allows organizations to evaluate #SBOM quality and mature and optimize their investment in software and system transparency. https://t.co/B9sx3QddLW #OWASP

@owasp Foundation Joins Ecma International to Drive Software Transparency and Standardization of OWASP #CycloneDX. Press release: https://t.co/roJRePF56f Blog post: https://t.co/Ca36juv43C #SBOM #SoftwareTransparency #SaaSBOM #HBOM #CBOM #EO14028

Check out this article by Chris Hughes, then head over to https://t.co/2kZjK8sD51 to read the standard and see how SCVS can help your organization measure and improve software supply chain assurance. #OWASP #SBOM #SoftwareSupplyChain

🗒️ @owasp Software Component Verification Standard (SCVS) Overview by Chris Hughes on the 3 levels of maturity across 6 control categories * Inventory * SBOM * Build Environment * Package Management * Component Analysis * Pedigree and Provenance https://t.co/Caz7H0Vdwj

We're happy to announce that SCVS now has a dedicated website where project information can be found, the standard can be read, and in the near future the BOM Maturity Model can be explored. https://t.co/2kZjK8sD51 #OWASP #SBOM #SoftwareSupplyChain

Reminder: Our next project meeting is on: July 21 at 14:00 UTC (9:00 CDT / 10:00 EDT). Meeting ICS: https://t.co/ocxHwuCg9s… Agenda: - Continue work on BOM maturity model To Join: in: https://t.co/6GgKCwLkzR #SBOM #SoftwareSupplyChain #OWASP

The recording of my session at NDC Security is available! Learn about possible attacks against you supply chain and how to prevent against them:

@Jhaddix @owasp projects: @zaproxy @owasp_wstg @owasp_juiceshop @OWASPTop10 @OWASP_SKF @OWASPControls @OwaspSAMM @CoreRuleSet @OWASP_MSTG @OWASP_ASVS @DependencyTrack @OWASP_SCVS @Owasp_DevSlop @defectdojo @SecureCodeDojo @OWASPCornucopia @appsensor @OWASPiGoat #AppSec

ALL OWASP MEMBERS DID YOU VOTE YET? If not, you still have time to vote in the OWASP 2021 Global Board of Directors Election. PLEASE CHECK YOUR EMAIL FOR YOUR BALLOT. YOUR VOTE COUNTS! VOTE NOW!

Join #owasp as we celebrate our 20th Anniversary on Sept. 24! Register now for this 24-hour live, virtual, global FREE event. Agenda will include 5 keynotes, 4 tracks with speakers from around the world, and more! https://t.co/9jQ9h5SO6M

Mark your calendars! Come celebrate the 20th anniversary of @OWASP with a tremendous lineup of speakers and industry experts. In relation to SCVS, #SBOM will be presented by @stevespringett and @coderpatros from @CycloneDX_Spec, a flagship OWASP Standards project.

SBOM is a foundational, level 1 behavior in #OWASP SCVS. The recommendations from NTIA aligns to the requirements in SCVS.

Propose your topic for our #OWASP SAMM User Day - May 27th, 2021 - details here:

The OWASP Software Component Verification Standard project is conducting the 2021 State of the SBOM Survey. Community participation is valuable as we assess the current and future role that Software Bill of Materials play in the industry. https://t.co/Ty0FQYuxIB #SBOM #OWASP

Detecting a #SolarWinds style attack is difficult. But you can dramatically reduce the likelihood of creating similar incidents by adopting #OWASP SCVS. It includes practical advice to measure and improve your #SoftwareSupplyChain. https://t.co/o7oAUQciQY

SBOM - you've got questions, we've got answers! The @NTIAgov SBOM Awareness & Adoption working group has finished v1 of an FAQ. All you ever wanted to know abt #SBOM but were too lazy to ask. Check it out, share it, & reply with more Qs that we should add