Update to OWASP TOP 10 2021 - Githubissues

onebeyond / cybersecurity-handbook

Cybersecurity handbook by One Beyond

https://cybersecurityhandbook.dev/

MIT License

114 stars 15 forks source link

Update to OWASP TOP 10 2021 #67

Open UlisesGascon opened 1 year ago

UlisesGascon commented 1 year ago

Changes

New

A04:2021 - Insecure Design
A08:2017 - Insecure Deserialization -> A08:2021 - Software and Data Integrity Failures
A10:2021 - Server-Side Request Forgery (SSRF)

Relocate

A05:2017 - Broken Access Control -> A01:2021 - Broken Access Control
A03:2017 - Sensitive Data Exposure -> A02-2021 - Cryptographic Failures
A09:2017 - Using Components with Known Vulnerabilities -> A06:2021 - Vulnerable and Outdated Components
A10:2017 - Insufficient Logging & Monitoring -> A09:2021 - Security Logging and Monitor Failures

Mix

A01:2017 - Injection & A07:2017 - Cross-site Scripting (XSS) -> A03:2021 - Injection
A04:2017 - XML External Entities (XXE) & A06:2017 - Security Misconfiguration -> A05:2021 - Security Misconfiguration