Security Bros

Why the OWASP Top 10 Moved (And What It Says About Your Security Practice)


In this conversation, John and Rocky Giglio discuss the recent updates to the OWASP Top 10 list for 2025, exploring the implications of these changes for application security. They delve into the data behind the rankings, the influence of community feedback, and the importance of secure design practices. The discussion highlights the ongoing challenges in cybersecurity, particularly around misconfiguration and identity management, and emphasizes the need for a holistic approach to security that integrates both software and infrastructure considerations.

Chapters

00:00 Introduction and Technical Challenges

02:00 Exploring OWASP Top 10 Updates

07:01 Understanding OWASP and Its Data Sources

14:02 Community Influence on OWASP Rankings

17:07 Movement in OWASP Top 10: Insights and Implications

20:30 The Challenge of Keeping Up with Technology

21:37 The State of Vulnerability Management

22:44 Cloud Native vs. Traditional Organizations

24:11 Understanding the OWASP Top 10

26:14 Trends in Identification and Authentication

27:12 The Importance of Security Logging and Monitoring

28:55 Balancing Application and Infrastructure Security

30:19 The Role of Secure Design in Security

32:02 The Future of Security Practices

34:38 Understanding Weaknesses vs. Vulnerabilities

36:58 The Importance of Cloud Security Practices

39:45 Shifting Left in Security Practices

41:46 The Need for Continuous Assessment


By Security Bros