OWASP Broken Web Applications (OWASP BWA): Beyond 1.0

Presented at AppSec USA 2013, Nov. 21, 2013, 2 p.m. (50 minutes)

Video of session: https://www.youtube.com/watch?v=0dxzGK1ZPxA&list=PLpr-xdpM8wG8ODR2zWs06JkMmlRiLyBXU&index=39 The OWASP Broken Web Applications (OWASP BWA) Project produces a free and open source virtual machine (VM) loaded with more than twenty-five web applications with a variety of security vulnerabilities.  The project VM is well suited for use as a learning and training environment or as a standard target for testing tools and techniques.  After two years of betas, the project released version 1.0 of the VM in 2012.  With that milestone behind us, this talk will focus on the project's future, though it will include some background on the project and demonstrate key features in the current release.


  • Chuck Willis - Mandiant
    Mr. Willis is the leader of the OWASP Broken Web Applications project, which distributes a virtual machine with known vulnerable web applications for testing and training.


Similar Presentations: