Overview of the OWASP top ten list

The list of the top OWASP ten web application security issues reflects a global consensus among many security experts. These security risks are likely the most serious ones that developers of applications need to be aware of and guard against. The OWASP most critical security weaknesses for 2021 are highlighted in this section.

For more information, see the following:

• OWASP home page: https://www.owasp.org/
• General descriptions for the OWASP top ten list of security risks for 2021:

  https://owasp.org/Top10/A00_2021_Introduction/

• The OWASP Top Ten Proactive Controls describes the most important control and control categories:

  https://www.owasp.org/www-project-proactive-controls/

• #1 - Broken access control
  
• #2 - Cryptographic failures
  
• #3 - Injection
  
• #4 - Insecure design
  
• #5 - Security misconfiguration
  
• #6 - Vulnerable and Outdated Components
  
• #7 - Identification and authentication failures
  
• #8 - Software and data integrity failures
  
• #9 - Security Logging and Monitoring Failures
  
• #10 - Server-Side Request Forgery (SSRF)