The definitive OWASP Top 10 2021 list is out, and it shows that broken access control is currently the most serious web application security risk. How is the list compiled? “We get data from organizations that are testing vendors by trade, bug bounty vendors, and organizations that contribute internal testing data. Once we have the data, we load it together and run a fundamental analysis of what CWEs map to risk categories,” the Open Web … Continue reading OWASP Top 10 2021: The most serious web application security risks