OWASP Top 10

The OWASP Top 10 is the reference standard for the most critical web application security risks. Adopting the OWASP Top 10 is perhaps the most effective first step towards changing your software development culture focused on producing secure code.

About OWASP Top 10

Translation Efforts

Efforts have been made in numerous languages to translate the OWASP Top 10 - 2025. If you are interested in helping, please contact the members of the team for the language you are interested in contributing to, or if you don’t see your language listed (neither here nor at github), please email [email protected] to let us know that you want to help and we’ll form a volunteer group for your language.

Top10:2025 Completed Translations:

Translations in progress - check back soon!

Social

Project Resources

Project Leaders

Andrew van der Stock

Email

Brian Glas

Email

Neil Smithline

Email

Tanya Janca

Email

Torsten Gigler

Email

Project Information

Corporate Supporters
OWASP Logo
OWASP is a nonprofit foundation improving software security through open-source projects, global communities, and education. All resources are free and open to everyone.
Quick Links
ProjectsChaptersCorporate SupportersEventsNewsAboutFinance & governanceFinance (all documents)BoardBoard EUCommunityVisit Store
Legal
Legal
Socials
LinkedInGitHubX (Twitter)FacebookYouTube
OWASP, the OWASP logo, and Global AppSec are registered trademarks and AppSec Days, AppSec California, AppSec Cali, SnowFROC, OWASP Boston Application Security Conference, and LASCON are trademarks of the OWASP Foundation, Inc.
© 2026, OWASP Foundation Inc. All rights reserved.