topic Re: OWASP Top 10 Awareness Training in Governance, Risk, Compliance

OWASP Top 10 Awareness Training

sithurralde — Wed, 18 Feb 2026 19:17:46 GMT

Hi,

I'm looking for suggestions or recommendations for OWASP top 10 training for my company's developers. Looking of a overview/awareness course that can be purchased as a SCORM package.

Re: OWASP Top 10 Awareness Training

nkeaton — Wed, 18 Feb 2026 23:53:29 GMT

@sithurralde I would see if there is an active OWASP chapter in your area. They would probably be willing to set something up for you. I use ETI Performance Improvement for that type of training. They are easy to work with and will tailor training for staff. I would also suggest familiarity with CSA’s (Cloud Security Alliance) top threats. https://cloudsecurityalliance.org/artifacts/top-threats-to-cloud-computing-2025 OWASP is touched upon in ISC2’s CSSLP training as well. .

Re: OWASP Top 10 Awareness Training

dcontesti — Thu, 19 Feb 2026 09:58:23 GMT

We developed our own training for this based on on environment (Discrete Mfg.). but we did look at several vendors (Secureflag, Aqua, DataSunrise as well as those offered by OWASP).

The rationale was simple, these developers were also charged with keeping the systems viable (99% uptime)....so we had to build and deliver in such a way that they could implement security and still meet the business requirements. Remember anything that slows production or potentially stops in is thrown out immediately in this environment.

In addition to your local OWASP group, check out ISC2 chapters ( there are many in the SFO area). At these meetings, you may find someone who has done this work and willing to share.

Additionally, RSA is coming up in March and is a perfect place to talk to MANY vendors about their offerings. Many vendors offer free EXPO passes (Just a few......there are others):

Thales: 52E1339XP
Veeam: 52E1300XP
Nokia: 52E1014XP

DataSunrise is also offering an expo pass along with an all access pass (value $30) by using code 52AAD136.

And of course, ISC2 offers a member discount to the conference.

Regards,

Re: OWASP Top 10 Awareness Training

sithurralde — Fri, 20 Feb 2026 02:13:41 GMT

Thanks nkeaton!

Re: OWASP Top 10 Awareness Training

sithurralde — Fri, 20 Feb 2026 02:14:06 GMT

Thanks dcontesti

Re: OWASP Top 10 Awareness Training

Blue_bird — Fri, 20 Feb 2026 11:33:26 GMT

The OWASP Foundation itself is a non-profit that provides the standards (the list, documentation, and data), they do not sell or provide an "official" SCORM package. For that, you must use third-party vendors who build curriculum based on the OWASP standards.

However, You find a nice overview on their official site:

https://owasp.org/Top10/2021/

Thanks

Re: OWASP Top 10 Awareness Training

nkeaton — Fri, 20 Feb 2026 12:43:15 GMT

@sithurralde Very welcome. I work with our cybersecurity workforce on attaining and keeping their certifications and set up training and do study materials acquisitions for that. I do hope that you have a local OWASP chapter that is active and willing to assist. Please let me know if can assist. Giving back to the profession is very important to me as is helping others.

Re: OWASP Top 10 Awareness Training

akkem — Sun, 22 Feb 2026 22:48:13 GMT

Maybe we can start with an OWASP open project. It provides detailed guidance and a solid baselines.
https://owasp.org/Top10/2025/

Re: OWASP Top 10 Awareness Training

sithurralde — Mon, 23 Feb 2026 19:55:23 GMT

Thanks akkem.

Re: OWASP Top 10 Awareness Training

sithurralde — Mon, 23 Feb 2026 19:56:08 GMT

Thanks Blue_bird