“EVOLVING TRENDS IN WEB APPLICATION VULNERABILITIES: A COMPARATIVE STUDY OF OWASP TOP 10 2017 AND OWASP TOP 10 2021”
Motivation - The motivation behind conducting a research on the evolving trends in web application vulnerabilities, specifically through a comparative study of the OWASP Top 10 2017 and OWASP Top 10 2021, stems from the ever-changing nature of the cybersecurity landscape. As technology advances and new threats emerge, it is crucial to stay updated with the latest trends and vulnerabilities that pose risks to web applications.
By analyzing and comparing the two versions of the OWASP Top 10, we can gain valuable insights into the shifting priorities and emerging threats in web application security. This research paper aims to provide a comprehensive understanding of the evolving trends in web application vulnerabilities, enabling developers, security professionals, and organizations to adapt their security practices and strategies accordingly.
Furthermore, understanding the changes between the OWASP Top 10 2017 and OWASP Top 10 2021 lists can shed light on the effectiveness of previous mitigation strategies and the need for new approaches to address emerging vulnerabilities. This research paper aims to bridge the gap between the past and present, providing a comprehensive analysis of the evolving trends in web application vulnerabilities and offering insights into the future direction of web application security.
Subject has been chosen as part of the project work being undertaken as part of partial fulfillment of an M. Tech Degree on Technology Management.
Methodology - Extensive literature survey of conference/ Journal papers has been carried out in addition to attending workshops/ Video lecture to gather the required information. The methodology employed for conducting a comparative study of the OWASP Top 10 2017 and OWASP Top 10 2021 was designed to ensure rigor, comprehensiveness, and objectivity of the research.
Abstract - Web application vulnerabilities pose significant risks to the security and integrity of digital systems. As the threat landscape evolves, it is crucial to stay updated with the latest trends and vulnerabilities that impact web applications. The Open Web Application Security Project (OWASP) periodically updates its Top 10 vulnerabilities list to reflect the changing nature of these risks. In this research paper, through a detailed analysis of the two versions of the OWASP Top 10, we examine the changes in rankings, additions, and omissions of vulnerabilities. We highlight key differences and implications for web application security, providing insights into the shifting priorities and emerging threats. The removal of certain vulnerabilities and the addition of new ones in the 2021 list indicate the evolving threat landscape and the need for updated mitigation strategies.Furthermore, we discuss the impact of these vulnerabilities on web application security and the potential consequences they pose to organizations and users. By understanding the evolving trends, developers, security professionals, and organizations can adapt their security practices and strategies to effectively mitigate these risks.
Overall, this research paper aims to contribute to the field of web application security by providing a detailed comparative study of the OWASP Top 10 2017 and OWASP Top 10 2021. The insights gained from this study can inform the development of robust security measures and help organizations stay ahead of evolving threats in web application vulnerabilities.
Keywords - Vulnerability, OWASP, Cybersecurity, Injection, Authentication.