Top 10 security vulnerabilities of 2021

Top 10 security vulnerabilities of 2021

The 2021 year is about to end. OWASP (Open Web Application Security Project®) release the top 10 security risks of 2021. Let's take a look.

The list

  1. Broken Access Control
  2. Cryptographic Failures
  3. Injection
  4. Insecure Design
  5. Security Misconfiguration
  6. Vulnerable and Outdated Components
  7. Identification and Authentication Failures
  8. Software and Data Integrity Failures
  9. Security Logging and Monitoring Failures
  10. Server Side Request Forgery (SSRF)

Shiftment

mapping
As above image, we can see the changes of security vulnerabilities.
Old vulnerabilities like injection shift down (even XSS out of top 10) and new categories become a thing.
In my opinion, the security vulnerabilities is also telling the trend of techonologies
For example, cryptographic Failures jump up to ##2 telling us that cryptographic, blockchain technology is bring new attention to security expert.

What can we do to protect our system

We can follow the instruction that written in the OSWAP document here to protect our system from vulnerabilities.
https://owasp.org/www-community/Free_for_Open_Source_Application_Security_Tools