Lesson 1 | Introduction to OWASP

Lesson 2 | A1:2017-Injection

Lesson 3 | A2:2017-Broken Authentication

Lesson 4 | A3:2017-Sensitive Data Exposure

Lesson 5 | A4:2017-XML External Entities (XXE)

Lesson 6 | A5:2017-Broken Access Control

Lesson 7 | A6:2017-Security Misconfiguration

Lesson 8 | A7:2017-Cross-Site Scripting (XSS)

Lesson 9 | A8:2017-Insecure Deserialization

Lesson 10 | A9:2017-Using Components with Known Vulnerabilities

Lesson 11 | A10:2017-Insufficient Logging & Monitoring

Lesson 12 | OWASP Top 10 for 2021

‍

The OWASP Top 10 is a technical training. It contains the top 10 web application vulnerabilities. The list is data-driven based on the prevalence of technologies and vulnerabilities. The OWASP Top 10 contains information on what makes technologies vulnerable, how to prevent attacks, and example scenarios. 

All of the content is included in this Haekka version of the OWASP Top 10. We’ve also added questions to each lesson to test comprehension and video tutorials that help explain each of the top 10. The last official update was in 2017 though there is a new list for 2021 under review. We’ve added a lesson that compares the 2017 Top to the 2021 Top 10.

This training is meant for engineers and not all employees. It helps ensure engineers are up to date on the most common security vulnerabilities and that they use secure development and operations practices.