Menu

OWASP Scanning

OWASP Scanning

What is OWASP Scanning?

The purpose of OWASP (Open Web Application Security Project) Scanning is to test your website against the most common vulnerabilities.

It is important to make sure your website is protected against these vulnerabilities. OWASP Tests are automated scans that scan your website against the vulnerabilities, and lets you know where your website stands. 

The Top 10 vulnerabilities are chosen from security experts all over the world. 

“OWASP refers to the Top 10 as an ‘awareness document’ and recommends that all organisations incorporate the report into their processes in order to mitigate security risks. One thing to remember, it is not a standard. Organisations can define the matrix based on their own environment. This also means that it’s not just OWASP who defines Top10 but takes data from so many people, organisations and then opens it up for us to post the feedback. Analysis is very interesting and actually got Top 10 a total of forty-three CWE.” –  owasp.org

Click here to watch the video on the OWASP Spotlight series

CyberSecure Canada Certification

Did you know that OWASP Scanning is part of the CyberSecure Canada Certification requirements?

To pass the “Secure Websites” security control, your organization must test your website against the OWASP Top 10 vulnerabilities, and provide documentation demonstrating that your organization understands the ASVS levels and which level would apply to your organization’s websites.

What are the OWASP Top 10 Vulnerabilities?

1

Broken Access Control

2

Cryptographic Failures

3

Injection

4

Insecure Design

5

Security Misconfiguration

6

Vulnerable and Outdated Components

7

Identification and Authentication Failures

8

Software and Data Integrity Failures

9

Security Logging and Monitoring Failures

10

Server Side Request Forgery (SSRF)

Questions? We are here to help.

Contact us today
Cyber Risk Service
Back To Top