Podcast: The 2021 OWASP Top 10

March 26, 2021 | IN Blog, Podcast | BY Mark Miller


The OWASP Top 10 is considered one of the most important community contributions to come out OWASP. In 2003, just two years after the organization was started, the OWASP Top 10 was created. The purpose of the project was to create an awareness document, highlighting the top ten exploits security professionals should be aware of. Since that time, innumerable organizations have used it as a guideline or framework for creating security programs. The current Top 10 list was released four years ago, in 2017.

As part of a 2021 initiative at OWASP, the OWASP Top 10 is in the process of being updated, and scheduled for release this summer, in time for the OWASP 20th Anniversary Celebration. I was curious as to what has changed over the years with the Top 10, and what to anticipate in the upcoming release. In this broadcast, I talk with Andrew van Der Stock, Executive Director of OWASP. He explains how the top ten exploits are chosen, the data source for determining the exploits, and the data research done to verify the selections chosen.

Our conversation starts with why the OWASP Top 10 is being spotlighted after being static for the past four years.

About this Podcast