Skip to content

Document Structure

New Version Available!

You are looking at the legacy 2018 version of the OWASP Top 10 Proactive Controls. The current version is the OWASP Top 10 Proactive Controls 2024!

This document is structured as a list of security controls. Each control is described as follows:

Cx: Control Name

Description

A detailed description of the control including some best practices to consider.

Implementation

Implementation best practices and examples to illustrate how to implement each control.

Vulnerabilities Prevented

List of prevented vulnerabilities or risks addressed (OWASP TOP 10 Risk, CWE, etc.)

References

List of references for further study (OWASP Cheat sheet, Security Hardening Guidelines, etc.)

Tools

Set of tools/projects to easily introduce/integrate security controls into your software.