Tanya Janca | SheHacksPurple 
Big news in #AppSec: the #OWASP Top 10 2025 is now available! I'm part of the project team and ALL OF US want every dev, security engineer, and leader to read it (please).
1/5
Why does it matter? Because we've updated the items to match wasn't happening RIGHT NOW in industry. Breaches keep happening, and we need updated advice.
2/5
2/5
In this edition:
• A01 Broken Access Control remains #1: the most serious risk we’re facing.
• A02 Security Misconfiguration moves up to #: configuration mistakes keep happening.
• A03 Software Supply Chain Failures is significantly expanded. It's more than dependencies!
3/5
• A01 Broken Access Control remains #1: the most serious risk we’re facing.
• A02 Security Misconfiguration moves up to #: configuration mistakes keep happening.
• A03 Software Supply Chain Failures is significantly expanded. It's more than dependencies!
3/5
BRAND NEW:
A10 Mishandling of Exceptional Conditions. Error handling MATTERS, and it’s time we talk about it, and how to do it correctly and safely.
4/5
My ask:
✅ Download the doc
✅ Start conversations with your dev & security teams about what to do, not just what to avoid. 🙏
https://twp.ai/9PYGnS
5/5
✅ Download the doc
✅ Start conversations with your dev & security teams about what to do, not just what to avoid. 🙏
https://twp.ai/9PYGnS
5/5