OWASP Top 10

One of the flagship projects for the Open Web Application Security Project (OWASP.org) is its top ten list. This list has been published about every three years since 2003. There have been some realignment of what it was a list of through the years, but in terms of the risks that applications commonly have, it is largely unchanged.

The latest list is from 2017. As we cover the list in subsequent topics, where possible, we will explore the vulnerability from the attackers point of view, examine the code flaw, and mitigate the risk with countermeasures. Some of the items can be caused by a number of different code flaws or might not be specifically code related.