The OWASP Top 10 is a data-driven collection of the ten most critical web application security concerns, with the goal of bringing more general awareness to developers and organizations. Although it is not meant as a security standard, it provides the minimum first-step for identifying and remediating web applications risks. This is the first update to the OWASP Top 10 since 2017 and only the 7th update since it’s inception in 2003. So what’s changed in those years? Review the top 10 security risks for web applications and the new additions for 2021, how to begin adopting them for your team or organization as part of your secure coding standard, and what you can do as a developer to design and build web applications that mitigate them.