In this course, we will look at the OWASP organization and what its purpose is. We’ll dive into the details of how they create the Top Ten list: where it comes from, how they calculate the severity of each risk and how they determine where each risk ranks. We also review the possible disparity between OWASP’s ranking and your own organization’s ranking, depending on your needs. We will also examine Broken Access Control, Cryptographic Failures, Injection Attacks, Insecure Design and Security Misconfiguration. We’ll use demos, graphics and real-life examples to help you understand the details of each of these risks.