InfoSec is short for Information Security and is the practice of defending information from unauthorized access, use, disclosure, disruption, modification, perusal, inspection, recording or destruction. It is a general term that can be used regardless of the form the data may take (electronic, physical, etc.)[1]
The Open Web Application Security Project (OWASP) is a 501(c)(3) worldwide not-for-profit charitable organization focused on improving the security of software. Our mission is to make software security visible, so that individuals and organizations worldwide can make informed decisions about true software security risks. Since everyone is developing software, and connecting devices to the Internet, it's a practical necessity that security is done in the open. It's the only way that we can hope to have security. If everyone that wanted to develop a device or piece of software had to hire experts (because they didn't have access to information on the latest security techniques) then we wouldn't be able to innovate. Among other things, OWASP produces their "Top Ten"
The InfoSec Institute reviews the OWASP Top Ten Testing Tools for 2013
A Web Application Firewall (WAF) is a standard means to protect your web application specifically from intrusion and exploits. One such example is ModSecurity for the Apache web server.