---

layout: col-sidebar
title: OWASP Top Ten Web Application Security Risks
tags: top10
type: documentation
altfooter: true
level: 4
auto-migrated: 0
pitch: The OWASP Top 10 is the reference standard for the most critical web application security risks. Adopting the OWASP Top 10 is perhaps the most effective first step towards changing your software development culture focused on producing secure code.

---

The most current released version is the [OWASP Top Ten 2025](https://owasp.org/Top10/2025/).

Previous versions are available at [OWASP Top Ten 2021](https://owasp.org/Top10/2021/) and [OWASP Top 10 2017 (PDF)](/www-pdf-archive/OWASP_Top_10-2017_%28en%29.pdf.pdf). Older versiona are available in the [Github repo](https://github.com/OWASP/Top10).

The OWASP Top 10 is a standard awareness document for developers and web application security. It represents a broad consensus about the most critical security risks to web applications.

<p class="callout-mono right">Globally recognized by developers as the first step towards more secure coding.</p>

Companies should adopt this document and start the process of ensuring that their web applications minimize these risks. Using the OWASP Top 10 is perhaps the most effective first step towards changing the software development culture within your organization into one that produces more secure code.<br>
<br>