#owasptop10 — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #owasptop10, aggregated by home.social.
-
Data breaches don’t start with zero-days—they start with missed basics. @mezoCode walks through the #OWASP API Security Top 10—each one with bad & good #Java code examples.
Read the best practices: https://javapro.io/2025/11/12/mastering-api-security-in-java-owasp-best-practices/
#SpringBoot #OWASPTop10 @owasp @OWASPTop10 #JAVAPRO #API
-
OpenAI introduces Lockdown Mode – a new AI data protection strategy
Is pulling the handbrake enough to stop AI from doing stupid things? OpenAI says yes, at least when sensitive data is at stake.
Read more:
https://pressmind.org/openai-wprowadza-lockdown-mode-nowa-strategia-ochrony-danych-ai/
#PressMindLabs #chatgptenterprise #elevatedrisk #lockdownmode #ochronadanych #owasptop10
-
🎉 OWASP London Training Days just got better! Join Fabio Cerullo for 3 days of Web App Security Essentials 🔥 Learn to identify, exploit, and fix critical vulnerabilities in hands-on labs, fully aligned with the OWASP Top 10 (2025)👉 https://londonowasptrainingdays2025.sched.com/event/2CR9z
#webapplications #appsec #owasptop10
-
Broken object-level auth, SSRF, missing rate limits — Java APIs fail in predictable ways. This step-by-step guide by @mezoCode maps each #OWASP #API flaw to a working #Java solution.
Essential read for secure backends: https://javapro.io/2025/11/12/mastering-api-security-in-java-owasp-best-practices/
-
The Cloudflare Outage May Be a Security Roadmap
https://krebsonsecurity.com/2025/11/the-cloudflare-outage-may-be-a-security-roadmap/
#MartinGreenfield #ALittleSunshine #LatestWarnings #TheComingStorm #MatthewPrince #IANSResearch #ReplicaCyber #AaronTurner #NicoleScott #CloudFlare #OWASPTop10 #QuodOrbis
-
There's a release candidate up for review via community survey of the OWASP Top 10 2025 edition. The previous edition was 2021. This lists current top network application security issues that developers should pay attention to. For 2025, Server-Side Request Forgery SSRF was merged into Broken Access Controls; added Mishandling of Exceptional Conditions based on Common Weakness Enumeration CWE trends. https://owasp.org/Top10/2025/0x00_2025-Introduction/ #OWASPTop10 #cybersecurity #Internet #web #software #engineering #tech
-
$4.45M. That’s the average cost of a breach. Most start with #API vulnerabilities. This guide by @mezoCode shows how to write secure #Java APIs with working #OWASPTop10 code fixes.
Prevent costly mistakes - read: https://javapro.io/2025/11/12/mastering-api-security-in-java-owasp-best-practices/
#SpringBoot #OWASP @owasp @OWASPTop10
-
Still exposing sensitive data via #Java #APIs? @mezoCode breaks down real-world #OWASP API security flaws—from broken auth to SSRF—and how to fix them in clean, tested code.
Actionable code for every risk: https://javapro.io/2025/11/12/mastering-api-security-in-java-owasp-best-practices/
#SpringBoot #OWASPTop10 @owasp @OWASPTop10
-
OWASP Top 10 2025 Released: Major Revisions and Two New Security Classes Added https://gbhackers.com/owasp-top-10-2025-released/ #CyberSecurityNews #cybersecurity #OWASPTop10 #Top10
-
Two New Web Application Risk Categories Added to OWASP Top 10 https://www.securityweek.com/two-new-web-application-risk-categories-added-to-owasp-top-10/ #ApplicationSecurity #webapplication #vulnerability #OWASPTop10 #OWASP
-
Support this and pass it on!
You are more likely to be taken down by a bug from the #OWASPTop10 than by an #AI or a #quantumcomputer
Countless examples ...
-
OWASP Smart Contract Top 10 2025 Released – What’s new! https://gbhackers.com/owasp-smart-contract-top-10-2025/ #CyberSecurityNews #cybersecurity #OWASPTop10 #whatisNew
-
📢 November OWASP Ottawa Meetup Alert📢
Join us for an in-person #OWASPOttawa meetup next week at the University of Ottawa!
We’ve got two fantastic speakers (Tanya Janca and Gabriel Kronfeld) lined up to dive deep into #DevSecOps and #OWASPTop10.
Gabriel Kronfeld presents "A Brief overview of the OWASP Top 10"
Tanya Janca presents "DevSecOps Worst Practices"
RSVP link: https://www.meetup.com/owasp-ottawa/events/304507525
-
👉 #APIattacks have grown in triple digits in the last two years.
After all, 71% of the internet traffic comes from APIs so APIs have become soft targets for hackers.
Securing APIs is a simple workflow provided you find API specific vulnerabilities and protect them.
In the upcoming webinar, join Vivek Gopalan, VP of Products at Indusface as he takes you through the fundamentals of API vulnerability scanning.
Vivek will discuss how to:
- Scan API endpoints for OWASP API Top 10 vulnerabilities
- Perform API penetration testing for business logic vulnerabilities
- Prioritize the most critical vulnerabilities with AcuRisQ
- Workflow automation for this entire process
Register now and start protecting your APIs today! https://bit.ly/3z7IPHf
#vulnerabilityscanning #hacking #apiscanning #cybersecurity #vulnerabilities #owaspapi #owasptop10 #pentesting #apiendpoints #apisecurity #apptrana #indusface
-
👉 Join Karthik Krishnamoorthy, CTO and Vivek Gopalan, VP of Products at Indusface, in a live #API attack simulation. 🔓
In this session, they will cover:
- An exploit of #OWASP API Top 10 vulnerability
- A brute force #ATO (Account Takeover) attack on an API
- A #DDoS attack on an API
- Positive security model automation to prevent #APIattacks
Don't miss out – register now! https://bit.ly/3WODUV8
#authentication #authorization #apisecurity #hacking #owasptop10 #ddosattacks #apigateway #bruteforceattacks #cybersecurity #apptrana
-
It is 2024 and here we have yet another critical SQL Injection (#SQLi) vulnerability in a commercial product by a *CyberSecurity* vendor - F5! (PaloAlto vuln was a couple of weeks ago)
-
🔒 Elevate Your Web Application Security Game! 🔒
Are you taking the necessary steps to safeguard your web applications against cyber threats? Dive into our latest insights on the OWASP Top 10 vulnerabilities and discover actionable strategies to fortify your defenses.
#WebApplicationSecurity #OWASPTop10 #CyberSecurity #InfoSec #ProtectYourData #StaySecure #SoftwareDevelopment #VulnerabilityManagement #SecurityBestPractices #LearnMore
https://www.relianoid.com/blog/relianoid-open-web-application-security-project-top-10/
-
Attackers are exploiting a critical #XSS #vulnerability (CVE-2023-34192) in #Zimbra.
Our latest #securitybulletin proposes mitigation measures to address the flaw: https://bit.ly/47bK2s6
#crosssitescripting #owasptop10 #owasp #zeroday #zerodayvulnerability #xssvulnerability #waap #DAST #waf #virtualpatching #apptrana #indusface
-
👉 A new edition of the #OWASP Mobile Top 10 2023 has been released.
The blog breaks down the updated list of #vulnerabilities and provides mitigation guidelines - https://bit.ly/3RH1CQw
#owasptop10 #mobileapplications #mobilesecurity #penetrationtesting #mobileappsecurity #mobileapplicationscanning #apptrana #indusface
-
👉 “We have an #API gateway, and the strong authentication & authorization keeps us secure.”
This notion could cost you a #databreach, a compliance fine or even application downtime that may erode customer trust.
In the upcoming webinar, Karthik Krishnamoorthy, CTO and Vivek Gopalan, VP of Products at Indusface demonstrate how #APIs could be hacked.
They'll cover:
1. An exploit of #owaspapitop10 vulnerability
2. A brute force account take-over (ATO) attack on API
3. A #DDoS attack on an API
4. How a #WAAP could bolster security over an API gateway
📌 Save your seat now! https://bit.ly/3Mw4Inp
#apiattacks #authentication #authorization #apisecurity #hacking #owasptop10 #ddosattacks #apigateway #bruteforceattacks #ATO #apptrana #indusface
-
🚀 🔍 #APIsecurity landscape is constantly changing, and keeping up is important.
The trusted resource for API security, the #OWASP #API Top 10, has been updated for 2023.
Get the latest insights and recommendations to protect your #APIs. See what's new compared to 2019: https://bit.ly/48z6WeV
#owaspapi #owasptop10 #apiprotection #apivulnerabilities #ddosattacks #riskprotection #appsec #apptrana #indusface
-
Check out SmartBear's YouTube series on the new 2023 #OWASPTop10 for Secure #APIs: https://www.youtube.com/watch?v=nIWBp_nvzq4&list=PLrA5ciulugn8nydmfvt9cGBgDFqg8XbEt
-
#Workshop successfully completed 🙌🥳
Once again entertained 10 people at "Hack It: Sichere Webanwendungen". ☺️
-
OWASP Top 10 for Large Language Model Applications
"The OWASP Top 10 for Large Language Model Applications project aims to educate developers, designers, architects, managers, and organizations about the potential security risks when deploying and managing Large Language Models (LLMs)."
https://owasp.org/www-project-top-10-for-large-language-model-applications/
Review the draft Top 10 list version 0.1: https://owasp.org/www-project-top-10-for-large-language-model-applications/descriptions/
1) Prompt Injections
2) Data Leakage
3) Inadequate Sandboxing
4) Unauthorized Code Execution
5) SSRF Vulnerabilities
6) Overreliance on LLM-generated Content
7) Inadequate AI Alignment
8) Insufficient Access Controls
9) Improper Error Handling
10) Training Data Poisoning
The initiative is community-driven, collaborate :)
#security #ai #data #llm #largelanguagemodel #artificialintelligence #owasp #training #OpenWorldwideApplicationSecurityProject #cybersecurity #community #owasptop10 #noprofit
-
👉 Excessive data exposure occurs when #APIs reveal more fields, data, and information than the client needs.
This vulnerability exposes APIs to data leaks, man-in-the-middle attacks, and other #cyberthreats.
Excessive data exposure is #3 in the OWASP API Security Top 10 2019 list. Understand this risk in detail and how to protect your business from it in our latest blog: https://bit.ly/411brKv
#excessivedataexposure #owasptop10 #owaspapi #apisecurity #apibreach #waap #appsec #apptrana #indusface
-
👉 The OWASP API Top 10 2019 edition provided a comprehensive overview of the APIs' threats.
But since 2019, the API threat landscape has evolved significantly.
To provide new insights into API security, the OWASP has released the Top 10 2023 RC edition, which contains quite a few changes from the previous version.
With a few new vulnerabilities on the list, let's have a closer look at the changes: https://bit.ly/3LGoEnu
#owasp #owasptop10 #owaspapi #securityrisks #apisecurity #apis #webapplications #mobileapplications #apiattacks #apptrana #indusface
-
Today's THM Advent of Cyber challenge was a quick one but one that shouldn't be overlooked.
The challenge itself was pretty easy, but it's a good reminder that there are still a lot of websites and web applications that are poorly built and open to vulnerabilities.
I was listening to Darknet Diaries episode 2 on my commute yesterday and that talked about the VTech breach in 2015. The hacker was able to easily gain access because of garbage security.