OWASP API Security Top 10 2023 Dashboard¶
The OWASP API Security Top 10 is a gold standard for the evaluation of security risk in APIs. To help you measure your API's security posture against these API threats, Wallarm offers the dashboard that provides clear visibility and metrics for threat mitigation.
Covering the OWASP API Security Top 10 2023, the dashboard allows you to assess the overall security state and proactively implement security controls to address identified issues.
Threat assessment¶
Wallarm estimates the risk for each API threat based on applied security controls and discovered vulnerabilities:
-
Red - it happens if there are no security controls applied or your APIs have active high risk vulnerabilities.
-
Yellow - it happens if security controls are only partially applied or your APIs have active medium or low risk vulnerabilities.
-
Green indicates that your APIs are protected and do not have open vulnerabilities.
For each OWASP API Top 10 threat you can find detailed info about the threat, available security controls, corresponding vulnerabilities, and investigate related attacks:
Wallarm security controls for OWASP API 2023¶
Wallarm security platform provides full-fledged protection against OWASP API Security Top 10 2023 by the following security controls:
| OWASP API Top 10 threat 2023 | Wallarm security controls |
|---|---|
| API1:2023 Broken Object Level Authorization |
|
| API2:2023 Broken Authentication |
|
| API3:2023 Broken Object Property Level Authorization |
|
| API4:2023 Unrestricted Resource Consumption |
|
| API5:2023 Broken Function Level Authorization |
|
| API6:2023 Unrestricted Access to Sensitive Business Flows |
|
| API7:2023 Server Side Request Forgery |
|
| API8:2023 Security Misconfiguration |
|
| API9:2023 Improper Inventory Management |
|
| API10:2023 Unsafe Consumption of APIs |
|