OWASP Top 10

Helps make websites and apps safer.

• Rescan
• Share
  • This page
  • LinkedIn
  • Bluesky
  • Mastodon
  • X
  • Email

About

The OWASP Top Ten is a list of the biggest security problems for websites.

1. Broken Access Control: Unauthorized access to data.
2. Weak Encryption: Poor data protection.
3. Injection Attacks: Hackers insert harmful code.
4. Bad Design: Security not built-in.
5. Wrong Settings: Unsafe system setup.
6. Unsafe Software: Using outdated programs.
7. Weak Logins: Easy-to-break passwords.
8. Unsafe Updates: Untrusted changes allowed.
9. No Security Monitoring: Attacks go unnoticed.
10. Tricking Servers: Servers access wrong links.

Indicators

• Security

Standards

• X-Content-Type-Options
• Clickjacking mitigation