OWASP Top 10 protections

E697168

OWASP guideline security best practices web application security control set

OWASP Top 10 protections are a widely recognized set of security controls and best practices designed to mitigate the most critical web application security risks identified by the Open Web Application Security Project.

Try in SPARQL Jump to: Surface forms Statements Referenced by

Observed surface forms (2)

Surface form	Occurrences
ESAPI	1
OWASP Top 10	1

Statements (49)

Predicate	Object
instanceOf	OWASP guideline ⓘ security best practices ⓘ web application security control set ⓘ
aimsTo	mitigate critical web application security risks ⓘ
appliesTo	web APIs ⓘ web applications ⓘ
availableAs	free resource ⓘ
basedOn	OWASP Top 10 risks NERFINISHED ⓘ
characteristic	community driven ⓘ periodically updated ⓘ risk based ⓘ
describedAs	technology agnostic ⓘ vendor neutral ⓘ widely recognized ⓘ
developedBy	Open Web Application Security Project NERFINISHED ⓘ
documentedIn	OWASP Top 10 documentation NERFINISHED ⓘ
hasGoal	improve security posture of web applications ⓘ raise awareness of common vulnerabilities ⓘ reduce likelihood of successful attacks ⓘ
includesControlType	access control mechanisms ⓘ authentication controls ⓘ cryptographic controls ⓘ dependency and component management ⓘ error handling and logging ⓘ incident response procedures ⓘ input sanitization ⓘ input validation ⓘ logging and monitoring ⓘ output encoding ⓘ rate limiting and throttling ⓘ secure coding practices ⓘ security configuration management ⓘ security testing and code review ⓘ session management controls ⓘ
language	English ⓘ
relatedTo	OWASP Application Security Verification Standard NERFINISHED ⓘ OWASP Top 10 2017 NERFINISHED ⓘ OWASP Top 10 2021 NERFINISHED ⓘ
supports	defense in depth ⓘ secure SDLC practices ⓘ shift left security ⓘ
usedBy	penetration testers ⓘ security auditors ⓘ security engineers ⓘ software developers ⓘ
usedFor	compliance mapping ⓘ secure development lifecycle ⓘ security training ⓘ threat modeling ⓘ

Referenced by (3)

Full triples — surface form annotated when it differs from this entity's canonical label.

Cloud Armor → supportsStandard → OWASP Top 10 protections ⓘ

Small Arms Protective Insert → hasVariant → OWASP Top 10 protections ⓘ

this entity surface form: ESAPI

SAST → supportsStandard → OWASP Top 10 protections ⓘ

this entity surface form: OWASP Top 10