OWASP updates top 10 vulnerability ranking for first time since 2017
Nonprofit foundation Open Web Application Security Project (OWASP) has released an updated draft of its ranking of the top 10 vulnerabilities, the first changes to the list since November 2017.
The new list features considerable changes, including the emergence of Broken Access Control, which moved from fifth on the list to number 1. The organization said 94% of applications have been tested for some form of broken access control and “the 34 CWEs mapped to Broken Access Control had more occurrences in applications than any other category.”
K2’s CTO and Co-Founder Jayant Shukla was tapped for commentary on the release of the draft of the Top Web Application Risks.