OWASP Certified Secure Software Developer

image

Shruti Kulkarni

Friday, October 3, 2025

To develop applications we need code. To write code we need developers. And to develop secure applications, developers need to write code that does not result in or have vulnerabilities.

OWASP is about application security - be it web application, mobile application, applications developed with low-code-no-code, infrastructure-as-code, etc.

OWASP is currently working on a new initiative to create a certification program for developers. It is named OWASP Certified Secure-Software Developer - OCSD.

This certification is aimed to help developers to showcase their skills in writing secure code.

The certification program is an answer to the questions a hiring manager may have, when interviewing a developer. It is also for the developers who want to showcase their skills in developing secure code.

Remember:

  • Writing secure code != testing the security of code with tools
  • If developers do not put security in the code, no one else will

The questions we may want to ask are:

  • If I am hiring an application developer, what are the security related skills I would look for?
  • If I were an application developer what security skills would I like to be validated for?

This certification program seeks to provide answers to these questions.

Stay tuned for more updates in this space.

Watch Star
The OWASP® Foundation works to improve the security of software through its community-led open source software projects, hundreds of chapters worldwide, tens of thousands of members, and by hosting local and global conferences.

Recent News & Opinions

Upcoming OWASP Global Events