OWASP Top Ten 2021

The OWASP Top 10 is a professional list of the 10 most critical web application security issues.

Each item in the top 10:

• is categorized based on its severity and likelihood of occurrence;

• provides basic techniques to protect against these high-risk categories;

• sets guidelines on how to verify the existence of issues, how to avoid them, some examples of vulnerabilities, and references for further study.

Why follow the OWASP Top 10 list

The main purpose of the OWASP Top 10 is to educate organizations, designers, and developers about the consequences of the most significant web application security vulnerabilities.

As a foundational concept, it conveys a practical philosophy of Security by Design, which means incorporating security practices from the early stages of a web project development.

The Top 10 Vulnerabilities of 2021

• A01:2021-Broken Access Control

• A02:2021-Cryptographic Failures

• A03:2021-Injection

• A04:2021-Insecure Design

• A05:2021-Security Misconfiguration

• A06:2021-Vulnerable and Outdated Components

• A07:2021-Identification and Authentication Failures

• A08:2021-Software and Data Integrity Failures

• A09:2021-Security Logging and Monitoring Failures

• A10:2021-Server-Side Request Forgery

At the time of writing this editorial, Monday, November 13, 2023, the OWASP Top 10 2021 represents the latest version and edition of the project. The release is not on an annual basis.