The OWASP Foundation is a non profit organization with the objective of improving security. They have different open source projects and tools. One of these projects is The OWASP Top 10.

As it is mentioned in the official OWASP Foundation site, the OWASP Top 10 is a referential document that outlines the 10 most critical security concerns. It’s made by a team of security experts from all over the world using data from different companies. 

Currently this project has been updated, the last version was made in 2017, and now the OWASP Foundation has introduced some new vulnerabilities and merged others.

The image above shows the Top 10 vulnerabilities and how they have changed since the 2017 version.

Keeping in mind all those security concerns is important in order to know where to focus our efforts in terms of security when we are building or deploying software.

Cloud computing presents many unique security issues and challenges. In the cloud, data is stored with a third-party provider and accessed over the Internet. This means that visibility and control over that data is limited. It also raises the question of how to properly protect it. It is imperative that everyone understands their respective role and the security issues inherent in cloud computing.

Securing applications and infrastructure must be in the roadmap of every organization. It's important to harden all systems and keep track of the possible vulnerabilities no matter if we are working on-premise or in the cloud. OWASP Top 10 is a standard frequently used by security teams to decide which controls they have to put in place and It can be used as a starting point to check and control the security of systems and applications.

Do you want to learn more?

Download the whitepaper: OWASP Top 10 Most Critical Security Concerns

    Data protection: The data controller is Keepler Data Tech S.L. Your data is collected for the purpose of being able to respond to your requests for information, without disclosing your data to any third parties. You have the right to know what information we store about you, to correct it or erase it as explained in the Privacy Policy.

    Authors

    • Cloud Architect in Keepler Data Tech: 'I am a Software & Cloud Architect who is passionate about new technologies and their applications. I am not afraid of anything, I simply set myself a new challenge. To 'disconnect' from computers I usually combine it with my hobby of automobilism, which has led me to be currently restoring a classic car.'

    • Cloud Engineer at Keepler. 'Technology lover, currently focused on cloud and cybersecurity areas. Passionate about learning new things and facing new challenges.'