OWASP TOP 10
defined.

What is OWASP Top 10?

The 2021 list runs from A01 Broken Access Control to A10 Server-Side Request Forgery. The OWASP API Security Top 10 is a separate but complementary list focused on API-specific risks. See our explainer for engineer-friendly walkthroughs.

Related terms.

• OWASP ASVS
• OWASP WSTG
• Broken Object Level Authorization (BOLA)
• Common Vulnerability Scoring System (CVSS)

Where this shows up.

See our web application penetration testing, API security testing, network penetration testing, and cloud security audit services for how we test for and defend against this class of issue.