OWASP Top 10 Updated for 2021, with Broken Access Control Now #1
The Open Web Application Security Project, or OWASP, recently released the 2021 Top 10 web application security threats. It’s the first update since 2017 and there were some significant changes, including some categories being combined and threats shifting in order of criticality. Two things jumped out at us, with context from OWASP:
We’ve recognized for years that both of these are underappreciated and critical risks. While it’s not good news that they continue to be among the top 10 web app security threats, OWASP’s updated list is a huge validation of the philosophy and focus of AppOmni.
The shared responsibility model for SaaS security is essential knowledge and practice for all organizations but doesn’t get the recognition it deserves. Some organizations just may not be aware that security is incumbent on both them and their SaaS vendors: The vendors have a responsibility to deliver a secure platform, and the customer has a responsibility to secure their data. It’s a tall order to manage configurations and secure data on multiple SaaS platforms, and that’s where AppOmni can help.