Kontra OWASP Top 10 for API

KONTRA's OWASP Top 10 for API is a series of free interactive application security training modules that teach developers how to identify and mitigate security vulnerabilities in their web API endpoints.

• Broken Function Level Authorization

  

• Broken Object Level Authorization

  

• Broken User Authentication

  

• Command Injection

  

• Excessive Data Exposure

  

• Improper Assets Management

  

• Insufficient Logging & Monitoring

  

• Lack of Resources & Rate Limiting

  

• Mass Assignment

  

• Security Misconfiguration - Part 1

  

• Security Misconfiguration - Part 2

  

• SQL Injection

  

• XXE Injection