Privacy and Cookies

For full functionality, this website places cookies on your computer. In addition, cookies are placed for tracking visitor behavior within Google Analytics. This information helps us improve our website. The cookies contain anonymous information and remain in your browser for a maximum of 2 years. Read more

The OWASP Top 10.

Is secure software the norm? Unfortunately it's not. Because technical developments and innovations follow each other rapidly, new vulnerabilities also arise. At Enigmatry, we work for major clients, such as the Ministry of the Interior and the Ministry of Justice and Security. This requires additional measures on top of the requirements you often see on the commercial market.

Your software must at least meet these requirements.

Because we already regularly work with higher standards, we can easily implement these for other clients. It forms the core of our company and influences our software and application development. In addition to our blueprint and working method, there is an extra check that we always use. That's the OWASP Top 10.

This list has existed for more than ten years, but the government has recently requested a test report for each delivery that refers explicitly to the OWASP Top 10. In the commercial market, few people ask for this report or checklist; in fact, this is a missed opportunity. We'd love to show you why.

What is the OWASP Top 10?

OWASP is an initiative of several developers and trainers to share knowledge and information about security. It is an open-source project, meaning everyone can and may contribute. There is community building with highly experienced software developers from all over the world.

All these security experts and developers share knowledge and vulnerabilities and provide tips. Therefore, the OWASP Top 10 is not a fixed list of points because developments are moving fast. The list is regularly revised, and because it is so up-to-date, it is also used by developers worldwide as a security check.

OWASP stands for Open Web Application Security Project.

- Enigmatry

Why should you use the OWASP Top 10?

With the OWASP Top 10 you can check at an early stage whether the software you are developing is also safe. It is free knowledge handed out on a silver platter. There are even tools and scripts where you can enter the URL. After a short test, you will see your website or application's vulnerabilities. There is, of course, a disclaimer here because if your software is safe on these ten points, there may still be a 'back door open.' So, use the list as an indication, but always consult a professional if in doubt.

Unfortunately, the list is not only used by developers because a list of vulnerabilities is, of course, also extremely useful for hackers. Based on the OWASP Top 10, they often develop automated tools with which they search the internet for weaknesses in servers and software. They do this by the thousands per day, after which they make a shortlist of servers that they investigate further. We have written a white paper about this method and the measures you can take. Knowing more? Download the white paper here.

Where can I find the OWASP Top 10?

A simple search in Google will yield many results, but we prefer to use the OWASP website itself. This is a foundation and can easily be found via Under the Top Ten button, you will find the common vulnerabilities. Would you like to run a test and check your URL? Then here you can.

Ask our security experts.

The technical terms in the OWASP Top 10 may be overwhelming. Would you like to be sure that your application or software is safe? Then schedule a conversation with one of our security experts without any obligation. They have a lot of experience with the OWASP Top 10 and are happy to think along with you.

Want to read more about this subject?

Read all about security baseline, security by design or why your software must be more secure than your neighbors'.