Kontra OWASP Top 10 for API

KONTRA's OWASP Top 10 for API is a series of free interactive application security training modules that teach developers how to identify and mitigate security vulnerabilities in their web API endpoints.

• Improper Assets Management

  NEW

  

• Excessive Data Exposure

  NEW

  

• Broken Object Level Authorization

  NEW

  

• Broken User Authentication

  NEW

  

• Lack of Resources & Rate Limiting

  NEW

  

• Broken Function Level Authorization

  NEW

  

• Mass Assignment

  NEW

  

• Security Misconfiguration - Part 1

  NEW

  

• SQL Injection

  NEW

  

• Insufficient Logging & Monitoring

  NEW

  

• XXE Injection

  NEW

  

• Security Misconfiguration - Part 2

  NEW

  

• Command Injection

  NEW