news-highlightsOWASP Reshuffles Its Top 10 List, Adds New Categories - K2 Cyber Security

OWASP Reshuffles Its Top 10 List, Adds New Categories

News Highlights

September 16, 2021

OWASP Reshuffles Its Top 10 List, Adds New Categories

The Open Web Application Security Project reshuffles its list of top threats and released its draft for 2021, putting broken access controls and cryptographic failures at the top and creating three new risk categories.  The list, which is updated every three or four years using data analysis, surveys, and public comment, contained a number of surprises. Cross-Site Scripting (XSS), which accounts for about one in every five disclosed vulnerabilities, disappeared from the list, subsumed by the expanded category of Injection flaws. Three new categories were also added, including Insecure Design, which debuts in the No. 4 spot on the list.

K2’s CTO and Co-Founder Jayant Shukla was tapped for commentary on the release of the draft of the Top Web Application Risks.

Click here to read the complete article on Dark Reading.


K2 Cyber Security delivers the Next Generation Application Workload Protection Platform to secure web applications and container workloads against sophisticated attacks including OWASP Top 10 and memory-based attacks, and provides additional vulnerability detection. K2’s Platform is deployed on production servers for runtime protection of applications and on pen-testing/pre-production servers to identify the location of the vulnerable code in real-time. K2’s solution generates almost no false alerts, eliminates breaches due to zero-day attacks, detects attacks missed by traditional security tools including Web Application Firewalls, and dramatically reduces security cost. K2 Cyber Security is located in the USA, and provides cyber security solutions globally.


K2 Cyber Security, Inc.

2580 N. First Street, #130

San Jose, CA 95131