Draft of OWASP TOP 10 2021 released for Peer Review

The draft of the OWASP Top 10 2021 has been released for peer review. For those who don't know, the OWASP Top 10 is the list of the top 10 security risks found in web applications. The Open Web Application Security Project (OWASP) is a community of security enthusiasts who have been involved in the development of articles, tools, methodologies, etc.

Three new risks are identified in the draft of OWASP Top 10 2021.

  • A04:2021-Insecure Design
  • A08:2021-Software and Data Integrity Failures
  • A10:2021-Server-Side Request Forgery

Let's compare OWASP Top 10 2017 and the draft of OWASP Top 10 2021:

| OWASP Top 10 2017 | OWASP Top 10 2021 |
| --- | --- |
| A1:2017-Injection | A01:2021-Broken Access Control |
| A2:2017-Broken Authentication | A02:2021-Cryptographic Failures |
| A3:2017-Sensitive Data Exposure | A03:2021-Injection |
| A4:2017-XML External Entities (XXE) | A04:2021-Insecure Design (New) |
| A5:2017-Broken Access Control | A05:2021-Security Misconfiguration |
| A6:2017-Security Misconfiguration | A06:2021-Vulnerable and Outdated Components |
| A7:2017-Cross-Site Scripting (XSS) | A07:2021-Identification and Authentication Failures |
| A8:2017-Insecure Deserialization | A08:2021-Software and Data Integrity Failures (New) |
| A9:2017-Using Components with Known Vulnerabilities | A09:2021-Security Logging and Monitoring Failures |
| A10:2017-Insufficient Logging & Monitoring | A10:2021-Server-Side Request Forgery (New) |

For complete details, follow the URL given in the reference.

Reference


If you have any questions, feel free to ask in the comments section below. Nothing gives me greater joy than helping my readers!

Disclaimer: This tutorial is for educational purposes only. Each individual is solely responsible for any illegal act.
