Lesson 1 | Introduction to OWASP
Lesson 2 | A1:2017-Injection
Lesson 3 | A2:2017-Broken Authentication
Lesson 4 | A3:2017-Sensitive Data Exposure
Lesson 5 | A4:2017-XML External Entities (XXE)
Lesson 6 | A5:2017-Broken Access Control
Lesson 7 | A6:2017-Security Misconfiguration
Lesson 8 | A7:2017-Cross-Site Scripting (XSS)
Lesson 9 | A8:2017-Insecure Deserialization
Lesson 10 | A9:2017-Using Components with Known Vulnerabilities
Lesson 11 | A10:2017-Insufficient Logging & Monitoring
Lesson 12 | OWASP Top 10 for 2021
The OWASP Top 10 is a technical training. It contains the top 10 web application vulnerabilities. The list is data-driven based on the prevalence of technologies and vulnerabilities. The OWASP Top 10 contains information on what makes technologies vulnerable, how to prevent attacks, and example scenarios.
All of the content is included in this Haekka version of the OWASP Top 10. We’ve also added questions to each lesson to test comprehension and video tutorials that help explain each of the top 10. The last official update was in 2017 though there is a new list for 2021 under review. We’ve added a lesson that compares the 2017 Top to the 2021 Top 10.
This training is meant for engineers and not all employees. It helps ensure engineers are up to date on the most common security vulnerabilities and that they use secure development and operations practices.