This project is an introduction to cyber security for the Web.

| Rank | OWASP Top 10 Risk | Description |
|---|---|---|
| A01 | Broken Access Control | Restrictions on what users can do are not properly enforced. |
| A02 | Cryptographic Failures | Sensitive data exposure due to weak or missing cryptographic protections. |
| A03 | Injection | Untrusted data is sent to an interpreter (e.g., SQL, OS, LDAP injection). |
| A04 | Insecure Design | Design flaws and missing security controls in the architecture or design. |
| A05 | Security Misconfiguration | Improper configuration of security settings or services. |
| A06 | Vulnerable and Outdated Components | Use of libraries, frameworks, or components with known vulnerabilities. |
| A07 | Identification and Authentication Failures | Weak or broken authentication mechanisms. |
| A08 | Software and Data Integrity Failures | Code and data integrity issues (e.g., supply chain attacks). |
| A09 | Security Logging and Monitoring Failures | Inadequate logging and detection of suspicious activities. |
| A10 | Server-Side Request Forgery (SSRF) | Server fetches remote resources without validating user input. |

| Breach | OWASP Type |
|---|---|

- OWASP