Webinar on updates coming to the OWASP API Top 10 list

As you probably already know, the Open Worldwide Application Security Project (OWASP) Foundation is a nongovernmental organization that publishes and regularly updates a list of the top 10 threats and vulnerabilities affecting online applications, based on community feedback along with its own internal expert analysis.

First published in 2003, the OWASP Top 10 list is an extremely useful resource for IT security professionals allocating security resources, as well as for developers seeking to produce more secure applications.

In 2019, having recognized that the widespread adoption of API-based application development and deployment presented a new attack surface with a new set of associated vulnerabilities and threats, OWASP created a new list, the OWASP API Top 10.

Now, for the first time since its creation, OWASP is preparing to update the API Top 10 list. Proposed changes are still under review, but they have been posted on the OWASP Github site for public comment and are widely expected to be adopted.

Get expert analysis of coming changes

There has been a lot written about the new list and how and why it differs from the 2019 version, including here in Journey Notes. You can read a high-level overview of the proposed changes here and an ongoing series of blog posts takes a deep dive into each item on the new list, beginning here.

However, if you’re like me and prefer to get this kind of information and analysis in a more direct, conversational setting, I highly recommend that you attend a new Barracuda webinar coming up on May 18.

Co-presented by our top application security experts Nitzan Miron and Tushar Richabadas, the webinar will pack a whole lot of information into an hour-long interactive event where you’ll be able to get answers to your questions.

In addition to explaining the specific changes to the Top 10 list and the reasons for them, Nitzan and Tushar will also provide a clear explanation of the overall API threat landscape in 2023. Plus, they’ll go into detail about the latest security strategies and technologies that your peers are already using to minimize or eliminate cyberthreats that target APIs.

New Barracuda Application Protection plans

As you may already know, the IT security industry is trending away from a focus on specific, single-vector products and solutions towards a platform-based approach. Because of Barracuda’s broad array of proven technologies and capabilities, we’re leading the way in delivering updated platform-based offerings that let you address the current threat landscape far more easily and effectively than with a mixed bag of point solutions.

Barracuda Application Protection is our new, comprehensive web application and API protection (WAAP) platform. At the webinar, Nitzan and Tushar will provide a detailed explanation of this new platform offering, including a breakdown of the different plans available. You’ll see how the different plans compare to each other in terms of features and capabilities, as well as how we’ve made purchasing, deploying, and configuring them easier than ever before.

If you’re responsible for your organization’s application security and you want to know more about the evolving landscape of API-based threats and vulnerabilities — as well as how to combat them most effectively — then I urge you to attend this important, timely webinar.