OWASP 2021: Broken Access Control is the worst!

OWASP 2021
OWASP 2017 — OWASP 2021
  • At first sight, Broken Access Control, which was in 5th place in 2017, is in 1st place in 2021.
  • Injection is 2 steps down and is now in 3rd place. XSS attacks have also been added to the Injection category.
  • Sensitive Data Exposure, which is now known as Cryptographic Failures, moved up from third to second place. The new focus here is on failures related to cryptographic operations.
  • XML External Entities and Security Misconfiguration are now combined and are in 5th place.

1-) Insecure Design

2-) Software and Data Integrity Failures

3-) Server-Side Request Forgery (SSRF)



Sena Yakut

👩🏻‍💻 Senior Cloud Security Engineer & AWS Community Builder👩🏻‍💻