OWASP API Security Top 10

The rise of the APIs is changing the security landscape so fundamentally that a new approach is needed. As a result, OWASP has launched a separate project dedicated purely to API security. The OWASP API Security Top 10 project focuses specifically on the top ten vulnerabilities in API security.

The new project recognizes the crucial role that APIs play in application architecture and application security today. It also recognises the emergence of API-specific issues that need to be on the security radar. The first and only OWASP API Security Top 10 list was released on 31 December 2019.

OWASP API Security Top 10 Vulnerabilities

  • API1:2019 — Broken object level authorization
  • API2:2019 — Broken authentication
  • API3:2019 — Excessive data exposure
  • API4:2019 — Lack of resources and rate limiting
  • API5:2019 — Broken function level authorization
  • API6:2019 — Mass assignment
  • API7:2019 — Security misconfiguration
  • API8:2019 — Injection
  • API9:2019 — Improper assets management
  • API10:2019 — Insufficient logging and monitoring

Contact Radware Sales

Our experts will answer your questions, assess your needs, and help you understand which products are best for your business.

Already a Customer?

We’re ready to help, whether you need support, additional services, or answers to your questions about our products and solutions.

Get Answers Now from KnowledgeBase
Get Free Online Product Training
Engage with Radware Technical Support
Join the Radware Customer Program

Get Social

Connect with experts and join the conversation about Radware technologies.

Security Research Center