February 10, 2021 4:00 PM
OWASP Top-10 2021 Proposal
Everybody knows the OWASP Top-10, as well as the fact that it gets updated only every 3-4 years. With the last update published in 2017, it’s no surprise that a new version is coming this year. Since the OWASP creation process is not well documented, it seems reasonable to build an open and transparent rating for the same categories based on a large number of security reports.
Join the Wallarm experts' webinar to learn our OWASP Top-10 2021 predictions, calculated using understandable metrics so that you will be able to reproduce the results. This work is based on an analysis of 2 million security reports from 144 public sources, including CVE bulletins, bug bounty reports, and vendor security bulletins.
During this webinar you will learn how to:
- Protect APIs and microservices (RESTful API, GraphQL, gRPC) with a Cloud-based WAF / CDN.
- Category overlaps in the OWASP Top-10
- Proposal 1. Add SSRF as a new category.
- Proposal 2. Merge XXE and Insecure Deserialization.
- Proposal 3. Introduce Overall Risk Score
- Calculating the OWASP Top 10 2021 rating
- Results and OWASP Top Ten 2017 comparison
CEO at Wallarm
Besides being a co-founder of Wallarm, Ivan Novikov is also:
- provider of AI-powered application security;
- white-hat security professional with over 12 years of experience in security services;
- inventor of memcached injection and SSRF exploit class;
- recipient of bounty awards from Google and Facebook;
- speaker at HITB, Black Hat, and other industry events.