Documented standards for secure product development

A downloadable Security Handbook to document our best practices

Download white paper

The OWASP Top 10 List

Understanding the risks and how to remedy them

OWASP actively maintains a running list of the most critical security risks to web applications.

Use the OWASP Top 10 as a guide to build secure code and minimize the risk of:

  1. Injection

  2. Broken authentication

  3. Sensitive data exposure

  4. XML external entities

  5. Broken access control

  6. Security misconfiguration

  7. Cross-site scripting

  8. Insecure deserialization

  9. Using components with known vulnerabilities

  10. Insufficient logging & monitoring

OWASP Top 10

Continue to:1. Injection