The OWASP Foundation is a non profit organization with the objective of improving security. They have different open source projects and tools. One of these projects is The OWASP Top 10.
As it is mentioned in the official OWASP Foundation site, the OWASP Top 10 is a referential document that outlines the 10 most critical security concerns. It’s made by a team of security experts from all over the world using data from different companies.
Currently this project has been updated, the last version was made in 2017, and now the OWASP Foundation has introduced some new vulnerabilities and merged others.
The image above shows the Top 10 vulnerabilities and how they have changed since the 2017 version.
Keeping in mind all those security concerns is important in order to know where to focus our efforts in terms of security when we are building or deploying software.
Cloud computing presents many unique security issues and challenges. In the cloud, data is stored with a third-party provider and accessed over the Internet. This means that visibility and control over that data is limited. It also raises the question of how to properly protect it. It is imperative that everyone understands their respective role and the security issues inherent in cloud computing.
Securing applications and infrastructure must be in the roadmap of every organization. It's important to harden all systems and keep track of the possible vulnerabilities no matter if we are working on-premise or in the cloud. OWASP Top 10 is a standard frequently used by security teams to decide which controls they have to put in place and It can be used as a starting point to check and control the security of systems and applications.
Do you want to learn more?
Download the whitepaper: OWASP Top 10 Most Critical Security Concerns
Leave A Comment