What is OWASP?
OWASP stands for Open Web Application Security Project. OWASP is an international non-profit organization dedicated to web application security. Its core principle is that its materials are free and easily available. The materials it offers include documentation, tools, videos, and forums. Its best-known project is the OWASP Top 10.
What is the OWASP Top 10?
The OWASP Top 10 is a project controlled by OWASP. It is a regularly updated report outlining security concerns for web applications, focusing on the 10 most critical risks. The OWASP Top 10 can be regarded as an awareness document: it compiles common web application vulnerabilities.
OWASP Top 10 2017
A01:2017 - Injection
A02:2017 - Broken Authentication
A03:2017 - Sensitive Data Exposure
A04:2017 - XML External Entities (XXE)
A05:2017 - Broken Access Control
A06:2017 - Security Misconfiguration
A07:2017 - Cross Site Scripting (XSS)
A08:2017 - Insecure Deserialization
A09:2017 - Using Components With Known Vulnerabilities
A10:2017 - Insufficient Logging And Monitoring
OWASP Top 10 2021
A01:2021 - Broken Access Control
A02:2021 - Cryptographic Failures
A03:2021 - Injection
A04:2021 - Insecure Design
A05:2021 - Security Misconfiguration
A06:2021 - Vulnerable And Outdated Components
A07:2021 - Identification And Authentication Failures
A08:2021 - Software And Data Integrity Failures
A09:2021 - Security Logging And Monitoring Failures
A10:2021 - Server Side Request Forgery (SSRF)