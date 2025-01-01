Copy article link

What is the OWASP API Security Top 10?

The Open Web Application Security Project (OWASP) is a non-profit organization whose goal is to promote web application security. OWASP offers many free resources for building a more secure web application.

One of the organization’s most widely referenced resources is the OWASP Top 10, which lists the 10 biggest security concerns for web applications. OWASP also maintains a separate, similar list for application programming interfaces (APIs), which are crucial for powering most web and mobile experiences.

APIs can fuel competitive advantages for businesses by providing business intelligence, facilitating cloud deployments, and enabling integration of AI capabilities. But at the same time, APIs can introduce new risks by allowing outside parties to access applications, share data, and run potentially sensitive workflows.

This OWASP API Security Top 10, most recently published in 2023, highlights key issues that organizations should address to better protect their APIs, applications, and data. The list includes: