logo
ArticlesConferencesPresentations
Dates
Author
Conferences
Tags

Sort by:  

OWASP Top 10 Flagship Project "The making of the OWASP Top 10 and beyond"

Conference:  OWASP 20th Anniversary Event
Authors: Brian Glas
2021-09-24

tldr - powered by Generative AI

The presentation discusses the process of creating the OWASP Top 10 2021 and the core principles that guided the selection of the top 10 risk categories.
  • The OWASP Top 10 is a baseline for software security and not a ceiling.
  • Data is important but has limitations as it reflects the past and not necessarily the present.
  • Stability is crucial in the selection of the top 10 risk categories to provide foundational stability for others to build on.
  • The goal is to raise the minimum bar and improve security across the industry and community.
  • Driving the right behavior is important to improve software security across the industry.
  • Root cause analysis is important in identifying and addressing software security issues.
  • The OWASP Top 10 2021 was created through a process of data collection, survey, data analysis, categorization, drafts, reviews, and the released product.
Tags:
Top 10 2021
data collection
survey
data analysis
Categorization