Future Frontiers: Why Developers Need to Go Beyond the OWASP Top 10 for Secure Coding Mastery

In 2021, we usher in a new era for the fabled OWASP Top 10. This latest release reveals some significant shake-ups, with Injection flaws finally being toppled from the top spot in favor of Broken Access Control vulnerabilities. Brand new entries like Insecure Design and Software and Data Integrity Failures show a trend towards vulnerability categories—rather than standalone security bugs—proving that the threat landscape and potential attack surface from the most common bugs are widening.

OWASP has always been the go-to authority on the most common and insidious security issues found in the software we use every day, and it’s all backed by rich data. If there is any baseline for which organizations should strive, it’s conquering this top 10 with the help of security-trained developers. While many companies recognize this (and will almost certainly pivot internal guidelines, training, and standards to be aligned to the OWASP Top 10 2021), we must start to cast a wider net with developer upskilling if the cybersecurity skills chasm is ever going to shrink, and have a positive impact on software safety in the face of crazy demand for code.

AWS Builder Community Hub
This complimentary download is offered by Secure Code Warrior.
Download Now
Avatar photo

Charlene O’Hanlon

Charlene O’Hanlon is Chief Operating Officer at Techstrong Group and Editor at Large at Techstrong Media. She is an award-winning journalist serving the technology sector for 20 years as content director, executive editor and managing editor for numerous technology-focused sites including DevOps.com, CRN, The VAR Guy, ACM Queue and Channel Partners. She is also a frequent speaker at industry events and conferences.

charlene has 55 posts and counting.See all posts by charlene