cybersecurity-handbook

Update to OWASP TOP 10 2021

Open UlisesGascon opened this issue 2 years ago • 0 comments

Changes

New

  • A04:2021 - Insecure Design
  • A08:2017 - Insecure Deserialization -> A08:2021 - Software and Data Integrity Failures
  • A10:2021 - Server-Side Request Forgery (SSRF)

Relocate

  • A05:2017 - Broken Access Control -> A01:2021 - Broken Access Control
  • A03:2017 - Sensitive Data Exposure -> A02:2021 - Cryptographic Failures
  • A09:2017 - Using Components with Known Vulnerabilities -> A06:2021 - Vulnerable and Outdated Components
  • A10:2017 - Insufficient Logging & Monitoring -> A09:2021 - Security Logging and Monitoring Failures

Mix

  • A01:2017 - Injection & A07:2017 - Cross-site Scripting (XSS) -> A03:2021 - Injection
  • A04:2017 - XML External Entities (XXE) & A06:2017 - Security Misconfiguration -> A05:2021 - Security Misconfiguration

UlisesGascon, Apr 29 '23 12:04