OWASP opened up the data set when updating its list of critical vulnerabilities. The result is an updated OWASP Top 10 list that focuses more on the root causes of cybersecurity issues. Infosec Skills author John Wagnon breaks down how the list changed and what it means for your organization.
– Start learning cybersecurity for free: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast
0:00 – How did the OWASP Top 10 list change?
1:06 – OWASP’s 2021 data set
1:46 – New OWASP list focuses on root causes
3:15 – #2 cryptographic failures: OWASP Top 10
3:56 – #3 Injection: OWASP Top 10
4:18 – #1 Broke access control: OWASP Top 10
5:23 – OWASP ordered by criticality
6:05 – OWASP Top 10 might not match your top 10
7:04 – Free cybersecurity training resources
Infosec believes knowledge is power when fighting cybercrime. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and privacy training to stay cyber-safe at work and home. It’s our mission to equip all organizations and individuals with the know-how and confidence to outsmart cybercrime. Learn more at infosecinstitute.com.