OWASP Related Commercial Services

Main
(The text below is to be reviewed) OWASP's mission is to make application security "visible," so that people and organizations can make informed decisions about application security risks, and as a value-add towards this end we have attempted to centralize OWASP project deliverable-based services for you in a single OWASP Commercial Services Registry. OWASP is not affiliated with any technology company, and OWASP does not endorse commercial products or services, although we support the informed use of commercial security technology, and that is the ultimate goal of this registry.

Encouraging the formation of commercial services (verification, implementation services, process improvement, and training) benefits both industry and OWASP by promoting the development and consumption by industry and government of tools and techniques that are based on OWASP open standards, best practices and design patterns. Similar to many open-source software projects, OWASP produces many types of materials in a collaborative, open way. The OWASP Foundation is a not-for-profit entity that ensures the project’s long-term success, providing sound foundations to build commercial services upon.

Firms listed in this registry follow strict rules to ensure the preservation of OWASP’s non-commercial nature. Firms listed in this registry share our belief that application security needs to be approached as a people, process, and technology problem, because the most effective approaches to application security include improvements in all of these areas.

Registry list
Organizations listed are not accredited by OWASP. Neither their products nor services have been endorsed by OWASP. Please note that the registry is currently under development and listing requirements are subject to change.