Get Started

OWASP Top 10

Posted in
Definitions

Definition

OWASP Top 10 is a globally recognised, regularly updated report by the Open Web Application Security Project (OWASP) that identifies the most critical security risks facing web applications.

It serves as a foundational resource for developers and organisations to prioritise mitigation efforts against prevalent vulnerabilities.

Key aspects of the OWASP Top 10:

Expert consensus

Compiled by security professionals worldwide, reflecting real-world data on vulnerability frequency, severity, and impact.

Dynamic updates

Revised every 2-4 years, with the 2021 edition introducing categories like insecure design and software integrity failures. Next one due 2025 with anticipated focus on emerging threats like AI/ML vulnerabilities and cloud-native risks.

Risk prioritisation

Focuses on flaws with high exploitation likelihood and business impact

Summary

While not exhaustive, the list addresses 90% of observed application vulnerabilities according to industry analyses. Enterprises adopting its recommendations reduce breach risks by 60-80%.

Tagged
martin hill-wilson

Posted By

Martin Hill-Wilson

Martin Hill-Wilson is a long-standing member of the Customer Engagement community. Over his career, he has launched a series of change initiatives using the dynamic of action-based learning – most recently AI for Non Technical Minds. All are designed to disrupt and reset the ‘art of the possible’ using new operating models powered by foundation user education.