The Open Worldwide Application Security Project (OWASP) is a non profit foundation whose goal it is to be a global open community that powers secure software through education, tools, and collaboration. It was founded in 2001 and the non profit was established in 2004.
One of their best know projects is the OWASP top 10. It is a report that outlines the 10 most critical risks facing web applications. It was last published in 2021 based on research using data compiled from over 40 partner organizations. It is due to be updated in the first half of 2025.
Below are the OWASP Top 10 risks reported in the 2021 report:
- Broken Access Control
- Cryptographic Failures
- Injection
- Insecure Design
- Security Misconfiguration
- Vulnerable and Outdated Components
- Identification and Authentication Failures
- Software and Data Integrity Failures
- Security Logging and Monitoring Failures
- Server-Side Request Forgery
About the Owasp Foundation (no date) About the OWASP Foundation | OWASP Foundation. Available at: https://owasp.org/about/ (Accessed: 06 March 2025).
Owasp (2025) Wikipedia. Available at: https://en.wikipedia.org/wiki/OWASP (Accessed: 06 March 2025).