Skip to main content

Benchmark

The Open Web Application Security Project (OWASP) is a non-profit foundation committed to helping improve software security. It acts as an open, online community where anyone can contribute to the production of material in the field of web application security and benefit from the information available.

The OWASP Benchmark Project is a free Java test suite created in 2015 to assess the accuracy, speed, and coverage of automated software vulnerability detection tools. It helps determine the strengths and weaknesses of different application security testing programs and allows objective comparisons between them.

By running different security testing tools over the OWASP benchmark we can put under evaluation different static (SAST), dynamic (DAST), and interactive (IAST) software vulnerability detection tools.

By comparing the results of different products offered in the market, we get an important indicator for choosing what tool to include in our Software Development Lifecycle.