2021-08-02T02:49:00Z

What are the OWASP Top 10 in 2021?


4 Answers

Real User
2021-08-05T17:23:27Z
Aug 5, 2021

We are due to release the OWASP Top 10 2021 on September 24, 2021. We will be transitioning to GitHub from our private work area soon. There will be three new categories, and some surprising coalescing for many of you who have been using the OWASP Top 10 since 2003. This means it is changing, and we've made an impact in our previous releases.

CY
Vendor
Oct 13, 2021

The history of the OWASP Top 10 through the years:
https://www.hahwul.com/cullina...

VG
Real User
Top 5 Leaderboard
2021-10-11T07:44:29Z
Oct 11, 2021

I believe no single tool will address all OWASP Top 10 issues. One will need a combination of tools and approaches, as was also mentioned in the recent OWASP anniversary webinars.

A01-2021: Broken Access Control has moved to number 1 on the list this year compared to number 5 in 2017.

There are 3 new entries - Insecure design being at number 4. This, to me, is a great addition and something which is complex to assess and fix easily.

CY
Vendor
2021-08-05T12:12:12Z
Aug 5, 2021

I’m not sure the top 10 is changing this year, but if it is, it will be to squeeze more stuff in ;-).

To effectively detect these in a web app you need a static analyzer with deep data flow analysis. I joined ShiftLeft because I felt they had the best tool to change the way we think about SAST scans and it can do reachability analysis for OSS components to better understand the risk associated with vulnerable libraries and frameworks.

CY
Vendor
Aug 9, 2021

@Andrew Van Der Stock thanks, I’ll be sure to look for it.

EB
Community Manager
2021-08-02T03:00:37Z
Aug 2, 2021

Hi @Nagaraj Sheshachalam, @Kashif-Jamil, @Cuneyt KALPAKOGLU Phd., @Letsogile-Baloi, @VishalDhamke, @Enayat Galsulkar, @Etienne WEHRLE and @Vipin Garg

Based on your experience it seems you will be able to assist. Can you please chime in?
