Simon Willison’s Weblog

OWASP Security guide

24th November 2002

The Open Web Application Security Project (OWASP) have a free guide to building secure web applications, which covers a large range of common problems such as cross site scripting and SQL injection vulnerabilities. The report is a 60 page PDF and although I haven’t had time to go through it yet it looks like an excellent read.

Posted 24th November 2002 at 9:19 pm · Follow me on Mastodon, Bluesky, Twitter or subscribe to my newsletter

More recent articles

The Axios supply chain attack used individually targeted social engineering - 3rd April 2026
Highlights from my conversation about agentic engineering on Lenny's Podcast - 2nd April 2026
Mr. Chatterbox is a (weak) Victorian-era ethically trained model you can run on your own computer - 30th March 2026

This is OWASP Security guide by Simon Willison, posted on 24th November 2002.

owasp 4 security 593 sql-injection 18

Next: Taxomita

Previous: phpPatterns

Monthly briefing

Sponsor me for $10/month and get a curated email digest of the month's most important LLM developments.

Pay me to send you less!

Sponsor & subscribe

Previously hosted at http://simon.incutio.com/archive/2002/11/24/owaspGuide