One key change in the new top 10 list is the inclusion of many categories (e.g, Insecure Design- A04:2021, Software and Data Integrity Failures- A08:2021) that recognize the industry has to start ...

Software and Data Integrity Failures is an entirely new category for 2021 and focuses primarily on assumptions related to software updates, critical data, and CI/CD pipelines without verifying ...

A02:2021 - Cryptographic Failures A06:2021 - Vulnerable and Outdated Components A07:2021 - Identification and Authentication Failures A09:2021 - Security logging and monitoring failures In addition, ...

Software and Data Integrity Failures (A08:2021): Every Plugin, Library, Module and Supply Chain Matters Another new critical category on the list for 2021 is software and data integrity.

In the 10 years since I launched my consulting/training venture, I’ve worked with thousands of software developers around the world. As you might expect, I’ve seen many software security failures.