OWASP Top-10 2021 Proposal

Everybody knows the OWASP Top-10 as well as the fact that it gets updated only every other 3-4 years. With the last update published in 2017, it’s no surprise that a new version is coming this year. Since the OWASP creation process is not documented well, it seems reasonable to build an open and transparent rating for the same categories based on a large number of security reports.

Join Wallarm experts webinar to learn our OWASP Top-10 2021 predictions calculated by understandable metrics, you will be able to reproduce the results. The following work is based on an analysis of 2 million of security reports from 144 public sources including CVE bulletins, bug bounty reports, and vendor security bulletins.

During this webinar you will learn how to:

  • Protect APIs and microservices (RESTful API, GraphQL, gRPC) with a Cloud-based WAF / CDN.
  • Categories overlaps in OWASP Top-10
  • Methodology
  • Proposal 1. Add SSRF as a new category.
  • Proposal 2. Merge XXE and Insecure Deserialization
  • Proposal 3. Introduce Overall Risk Score
  • Calculating the OWASP Top 10 2021 rating
  • Results and OWASP Top Ten 2017 comparison

Our speakers:

Ivan Novikov

CEO at Wallarm

Watch the webinar