OWASP, short for the Open Worldwide Application Security Project, is a globally recognized nonprofit organization focused on improving the security of software and web applications.
OWASP provides free, open-source tools, resources, and documentation to help developers, businesses, and security professionals identify and prevent application security risks.
What is OWASP?
Answer: Open Worldwide Application Security Project
2017 OWASP Top 10
1: Injection.
2: Broken Authentication.
3: Sensitive Data Exposure.
4: XML External Entities (XXE).
5: Broken Access Control.
6: Security Misconfiguration.
7: Cross-Site Scripting (XSS).
8: Insecure Deserialization.
9: Using Components with Known Vulnerabilities.
10: Insufficient Logging and Monitoring.
2021 OWASP Top 10
1: Broken Access Control.
2: Cryptographic Failures.
3: Injection.
4: Insecure Design.
5: Security Misconfiguration.
6: Vulnerable and Outdated Components.
7: Identification and Authentication Failures.
8: Software and Data Integrity Failures.
9: Security Logging and Monitoring Failures.
10: Server-Side Request Forgery (SSRF).