OWASP Top 10:2021 — A10: Server-Side Request Forgery (SSRF)
We’ve reached the end of the OWASP Top 10 in this OWASP Top 10:2021 series — and we’re finishing with a bang. SSRF is one of the most dangerous vulnerabiliti...
You Can’t Respond to What You Don’t See
Welcome back to this OWASP Top 10:2021 security series. Today, we’re stepping away from code bugs and logic flaws to talk about something much sneakier: trus...
Welcome back to this deep dive into the OWASP Top 10. Today we’re looking at something fundamental: authentication.
Welcome back to this OWASP Top 10 deep dive. Today’s topic — Vulnerable and Outdated Components — might not sound exciting at first, but it’s a silent killer...
Welcome to Part 5 of this OWASP Top 10 series. So far, we’ve covered insecure code, weak design, and architectural flaws. Now it’s time to talk about somethi...
Welcome to Part 4 of our OWASP Top 10:2021 series. So far, we’ve looked at hands-on, tactical flaws like Injection and Cryptographic Failures. But now we’re ...
Welcome back to this OWASP Top 10 series. So far, we’ve looked at Broken Access Control and Cryptographic Failures — both dangerous, both preventable. Now we...
Welcome to part two of this OWASP Top 10:2021 series, where I break down each of the top security risks, in a way that makes sense to everyday engineers. In ...
Welcome to the first post in this OWASP Top 10:2021 series, where I break down each of the top security risks. This is for engineers who may not be security ...