What is OWASP?

The OWASP Top Ten is a list created by the Open Web Application Security Project - which is where the acronym comes from. It is a non-profit foundation that works to improve the security of software.

Since 2003, they have examined trends in the software industry to identify the greatest threats to application security, and work to reach a broad consensus within the community. This consensus forms the OWASP Top 10, and since we last reflected these threats in our Secure Coding course, as per the landscape in 2017, OWASP have published an updated Top 10 list for 2021.

Our updated Secure Coding 2021

Similar to our previous iteration, our new 2021 Secure Coding series seeks to distill the information collated by OWASP into a format which can be easily digested by anyone who needs to be aware of application security issues.

This time around, we’ve done something radically different with the content. Each topic in the Top 10 has its own dedicate module containing individual titles which cover:

• defining the threat;
• understanding how to identify the threat;
• how to check your application for vulnerabilities; and
• mitigating the risk from the identified threat.

For each topic, there is a robust assessment which takes into account the importance of the risk to organisations, by rigorously examining your learners' knowledge of the Top 10 threat.

The topics covered are:

• What is Secure Coding?
• Broken Access Control
• Cryptographic Failures
• SQL Injection
• Insecure Design
• Security Misconfiguration
• Vulnerable and Outdated Components
• Identification and Authentication Failures
• Software and Data Integrity Failures
• Security Logging and Monitoring Failures
• Server-Side Request Forgery

Based on The OWASP Top 10, the new 2021 Secure Coding Series from MetaCompliance is available now.

Premium Plus and Premium Plus Multi Language customers can access the series on the MyCompliance platform via Learning>Fusion Template Creation>Course Templates Table>System Templates.