SourceClear Blog Breaking Down the OWASP Top 10 API Security Risks 2023 (& What Changed From 2019)

The OWASP Top Ten lists have been the cornerstone for application security best practices for over two decades. The 2019 list was the first edition of the OWASP API Security Top 10. The latest, OWASP API Security Top 10 2023, gives our security and engineering teams a glimpse of attack vectors that are becoming more common. With that in mind, it also helps our security teams to ensure that they have adequate coverage for security testing. The changes in the list reflect the changes in the technology landscape we see today. Cloud-native applications have become increasingly prevalent, with many organizations utilizing other cloud technologies like serverless architectures that greatly increase the risk and footprint of our applications. This changes how you test as well as the strategy you take for ensuring our applications as well as the architecture are secure.  The image below shows what changed at a high level. In the 2023 list, the categories in some cases are a bit broader…