What is OWASP?
An open community focused on improving software security, best known for their Top 10 list of critical web security risks.
Why It Matters
The OWASP Top 10 is the standard reference for the web application security vulnerabilities you need to protect against.
Real-World Example
Using the OWASP Top 10 as a checklist when reviewing your application's security posture.
“Understanding terms like OWASP matters because it helps you have better conversations with developers and make smarter decisions about your software. You do not need to be technical. You just need to know enough to ask the right questions.”
Related Terms
XSS (Cross-Site Scripting)
A security vulnerability where attackers inject malicious scripts into web pages viewed by other users.
SQL Injection
An attack where malicious SQL code is inserted into application inputs to manipulate the database.
CSRF (Cross-Site Request Forgery)
An attack that tricks a logged-in user's browser into making unwanted requests to a site they are authenticated with.
Penetration Testing
Authorised simulated attacks on a system to find security vulnerabilities before real attackers do.
Authentication
The process of verifying who someone is, usually through a username and password.
Authorisation
Determining what actions or data a verified user is allowed to access.