Explore the latest OWASP Top Ten 2021 in this comprehensive 50-minute conference talk by Brian Glas, Assistant Professor of Computer Science at Union University. Gain insights into the critical application security risks facing organizations and understand the changes in the new Top Ten list. Learn about the extensive data collection and analysis process involving over half-a-million applications, and discover how this information shapes industry standards. Delve into each category's significance, explore common pitfalls in vulnerability data structuring, and uncover valuable tips for effective analysis. Examine the implications of the collected data and identify areas that require further investigation. This talk provides a thorough overview of the OWASP Top Ten project, its impact on various standards and organizations, and its role in establishing a baseline for application security.
Overview
Syllabus
Introduction
Icons
Process
Core Principles
Venn Diagram
Software Assurance Maturity Model SAM
Thank you
Incidence vs Frequency
CWE Analysis
Community Survey
Dynamic Analysis
Impact
Exploit and Impact
CVS Scoring
CVS Impact Scoring
Exploit Scoring
CWEs
Data
Formula
Whats Next
Taught by
OWASP Foundation
Related Courses
-
OWASP Top 10 - A04:2021 - Insecure Design
-
OWASP Top 10 - A08:2021 - Software and Data Integrity Failures
-
OWASP Top 10 - A09:2021 - Security Logging and Monitoring Failures
-
OWASP Top 10 - A07:2021 - Identification and Authentication Failures
-
OWASP Top 10 - The Making of the OWASP Top 10 and Beyond
-
DevSecOps Fundamentals
