I’ve just launched the first OWASP Application Security Awareness Campaign, with 11 posters for the OWASP Top Ten 2021 project.

Working with OWASP, I have just launched the first of many Application Security Awareness campaigns. The new incubator project where you can download the campaigns is:

OWASP Application Security Awareness Campaigns

The idea of the project is to help Application Security people build security awareness in their engineering teams. The project will offer campaigns made up of posters that can be printed and put up around the office, as well as smaller images for use in emails that you can put your own branding on, reinforcing the message by sending the material directly to the mailboxes of your engineers.

In this first release there are 11 posters and email templates:

  1. Top Ten Overview
  2. A01:2021 - Broken Access Control
  3. A02:2021 - Cryptographic Failures
  4. A03:2021 - Injection
  5. A04:2021 - Insecure Design
  6. A05:2021 - Security Misconfiguration
  7. A06:2021 - Vulnerable and Outdated Components
  8. A07:2021 - Identification and Authentication Failures
  9. A08:2021 - Software and Data Integrity Failures
  10. A09:2021 - Security Logging and Monitoring Failures
  11. A10:2021 - Server-Side Request Forgery (SSRF)

There will be a “What is AppSec?” poster coming soon.