OWASP Top 10 - 2025 Announcement

Learn about the most critical security risks facing modern applications in this 45-minute conference presentation that unveils the updated OWASP Top 10:2025. Discover how the globally recognized security standard has evolved since the 2021 edition, with expert analysis of shifted, merged, and expanded risk categories that reflect four years of technological advancement. Explore each risk category at a high level, understanding the main security issues and gaining practical context for implementing the Top 10 as a reference point in organizational security programs. Gain insights from industry data and community survey input that shaped this awareness tool designed to help development and security teams baseline the most relevant security concerns. Benefit from the expertise of seasoned application security professionals including Tanya Janca (SheHacksPurple), Neil Smithline, and Brian Glas, who bring decades of combined experience in application security, program development, and academic research to provide authoritative guidance on modern application security risks.

Syllabus

The OWASP Top 25 provides an updated view of modern applications' most common and impactful security risks. Based on both industry data and community survey input, the Top 10 is designed as an awareness tool, helping teams baseline the most relevant security concerns. This talk will walk through the changes since the 2021 edition, highlighting where categories have shifted, merged, or expanded to reflect the changes over the last four years. Each risk category will be introduced at a high level, covering its main issues and offering context for how organizations can use the list as a reference point in their security programs.