BACK
OWASP TOP 10

OWASP Top 10 Guide

The most critical web application security risks as of 2021.

A01

Broken Access Control

Vulnerabilities that allow unauthorized users to access other users' data or functionality.

A02

Cryptographic Failures

Insufficient or improperly implemented encryption to protect sensitive data.

A03

Injection

Attacks where SQL, NoSQL, or OS commands are injected through user input.

A04

Insecure Design

Architectural flaws where security was not considered from the design phase.

A05

Security Misconfiguration

Using default settings, enabling unnecessary features, or other misconfigurations.

Related Documents
API Security Guide β†’ Security Best Practices β†’