News

Nonprofit foundation Open Web Application Security Project (OWASP) has released an updated draft of its ranking of the top 10 vulnerabilities, the first changes to the list since November 2017. The ...
One key change in the new top 10 list is the inclusion of many categories (e.g., Insecure Design - A04:2021, Software and Data Integrity Failures - A08:2021) that recognize the industry has to start ...
Software and Data Integrity Failures (A08:2021): Every Plugin, Library, Module and Supply Chain Matters

Another new critical category on the list for 2021 is software and data integrity.
A02:2021 - Cryptographic Failures
A06:2021 - Vulnerable and Outdated Components
A07:2021 - Identification and Authentication Failures
A09:2021 - Security Logging and Monitoring Failures

In addition, ...
In the 10 years since I launched my consulting/training venture, I’ve worked with thousands of software developers around the world. As you might expect, I’ve seen many software security failures.