The OWASP 2021 report is a good reminder to educate myself about web security. For example, I know about current password hashing algorithms (i.e. Argon2), but I need to educate myself about authenticated encryption vs only encryption. This year’s top 10 are:
- [A01:2021-Broken Access Control]{(https://owasp.org/Top10/A01_2021-Broken_Access_Control/}
- A02:2021-Cryptographic Failures
- A03:2021-Injection
- A04:2021-Insecure Design
- A05:2021-Security Misconfiguration
- A06:2021-Vulnerable and Outdated Components
- A07:2021-Identification and Authentication Failures
- A08:2021-Software and Data Integrity Failures
- A09:2021-Security Logging and Monitoring Failures
- A10:2021-Server-Side Request Forgery
If you liked this post, please, do share it:
Thanks, for reading (and sharing)! 🥳