| name | owasp-security |
| description | Comprehensive OWASP-aligned security guidance across six standards - Top 10 (2021) for web apps, ASVS 5.0, MASVS v2.1.0 for mobile, API Security Top 10 (2023), Kubernetes Top 10 (2022), and the Agentic Applications 2026 edition for AI/LLM. Use for security reviews, vulnerability audits, secure auth/crypto/access-control implementation, Kubernetes manifest hardening, and LLM/agent prompt-injection defense - including indirect requests like "is this login flow secure?", "review this endpoint", or "audit my pod spec". |
Comprehensive OWASP Security Skills
A developer-focused security reference covering six OWASP standards for securing web applications, APIs, mobile apps, containers, and AI/LLM systems. Each section provides concise detection guidance, key requirements, and mitigation strategies.
Quick Navigation
- OWASP Top 10 (2021)
- OWASP ASVS 5.0
- OWASP MASVS v2.1.0
- OWASP API Security Top 10
- OWASP Kubernetes Top 10
- OWASP Agentic Applications 2026
Section 1: OWASP Top 10 (2021)
The OWASP Top 10 represents the most critical security risks in web applications.
A01: Broken Access Control
Detection: URLs with direct ID references (/user/1234/orders); client-side only enforcement; missing authorization checks.
Mitigation: Enforce server-side authorization for every sensitive operation; verify user ownership of resources; implement default-deny principle.
Example:
app.get('/users/:id/orders', (req, res) => {
const orders = db.query('SELECT * FROM orders WHERE user_id = ?', req.params.id);
res.json(orders);
});
app.get('/users/:id/orders', (req, res) => {
if (req.user.id !== parseInt(req.params.id)) return res.status(403).json({error: 'Forbidden'});
const orders = db.query('SELECT * FROM orders WHERE user_id = ?', req.params.id);
res.json(orders);
});
Checklist: ☐ Authorization on server for all sensitive ops ☐ Default-deny policy ☐ No ID-based obscurity ☐ Whitelist allowed fields
A02: Cryptographic Failures
Detection: Sensitive data in plaintext; weak encryption (DES, ECB); missing TLS; hardcoded secrets in code.
Mitigation: Always use HTTPS/TLS; encrypt data at rest with AES-256; store secrets in environment variables or vaults; mask sensitive logs.
Example:
api_key = "sk-abc123xyz789"
import os
api_key = os.getenv("API_KEY")
if not api_key: raise ValueError("API_KEY not set")
Checklist: ☐ HTTPS enforced ☐ AES-256 encryption at rest ☐ No secrets in code ☐ Sensitive data masked in logs
A03: Injection (SQL, Command, NoSQL)
Detection: String concatenation in queries; exec, query, run with user input; no prepared statements.
Mitigation: Use parameterized queries; whitelist input; avoid string concatenation; use safe APIs (subprocess.run with list args).
Example:
os.system("tar -czf " + filename + " /var/data")
import subprocess
subprocess.run(["tar", "-czf", filename, "/var/data"], check=True)
Checklist: ☐ Parameterized queries only ☐ No string concat ☐ Whitelist input ☐ Safe subprocess calls
A04: Insecure Design
Detection: No threat modeling; missing security controls by design; no authentication/authorization from the start.
Mitigation: Implement threat modeling early; design security in from the beginning; use established security libraries/patterns.
Checklist: ☐ Threat modeling completed ☐ Security controls in design ☐ Auth/authz from start ☐ Security review in SDLC
A05: Security Misconfiguration
Detection: Debug mode enabled; default credentials; verbose error messages; missing security headers; exposed APIs.
Mitigation: Disable debug mode; change defaults; hide version info; implement security headers (HSTS, CSP, X-Frame-Options).
Example:
app.debug = True
app.debug = False
app.config['HSTS_MAX_AGE'] = 31536000
Checklist: ☐ Debug disabled ☐ Defaults changed ☐ Security headers set ☐ No version disclosure
A06: Vulnerable & Outdated Components
Detection: Old versions in package.json/requirements.txt; unpatched frameworks; deprecated libraries.
Mitigation: Regularly audit dependencies with npm audit, pip safety, Snyk; remove unused packages; keep frameworks patched.
Checklist: ☐ Dependency audits regular ☐ No outdated versions ☐ Unused deps removed ☐ CI/CD security scanning
A07: Authentication Failures
Detection: Weak passwords; no MFA; predictable session IDs; weak password reset tokens; no rate limiting on login.
Mitigation: Hash passwords (bcrypt/Argon2); implement MFA; generate cryptographically secure session IDs; rate-limit failed attempts.
Checklist: ☐ Strong password hashing ☐ MFA available ☐ Secure session IDs ☐ Rate limiting on login
A08: Software/Data Integrity Failures
Detection: Unsigned updates; unverified dependencies; unsafe deserialization (pickle, Java ObjectInputStream).
Mitigation: Sign and verify all updates; use JSON instead of native serialization; whitelist allowed classes; verify checksums.
Checklist: ☐ Updates signed/verified ☐ JSON used for serialization ☐ No unsafe deserialization ☐ Checksums verified
A09: Logging & Monitoring Failures
Detection: No security event logging; logs contain secrets; no centralized logging; no alerts for anomalies.
Mitigation: Log authentication events, access denials, config changes; centralize logs; implement alerts for suspicious patterns.
Checklist: ☐ Security events logged ☐ No secrets in logs ☐ Logs centralized ☐ Alerts for anomalies
A10: Server-Side Request Forgery (SSRF)
Detection: App fetches URLs from user input; no URI validation; internal IP ranges accessible.
Mitigation: Validate/sanitize URLs; whitelist domains; block internal IP ranges (10.0.0.0/8, 127.0.0.1); use allowlists.
Checklist: ☐ URLs validated ☐ Domains whitelisted ☐ Internal IPs blocked ☐ Protocols restricted
Section 2: OWASP ASVS 5.0 (Application Security Verification Standard)
ASVS defines security requirements across three verification levels (L1: Basic, L2: Standard, L3: Advanced).
Authentication Requirements
| Level | Key Requirements |
|---|
| L1 | Password policies (≥8 chars) over HTTPS; brute force protection; identity verification |
| L2 | Strong hashing (bcrypt/Argon2); MFA for sensitive ops; rate-limited login; account lockout |
| L3 | Adaptive authentication; hardware-backed cryptography; step-up auth; comprehensive audit logging |
Access Control Requirements
| Level | Key Requirements |
|---|
| L1 | Access control policies enforced; default deny principle; roles/permissions documented |
| L2 | Granular object/property-level controls; privilege escalation detection; token validation per request |
| L3 | Policy/attribute-based access control; cryptographic verification; real-time enforcement; full audit trails |
Cryptography Requirements
| Level | Key Requirements |
|---|
| L1 | AES-256 at rest; TLS 1.2+; authenticated encryption mode (GCM/CBC); secure key storage |
| L2 | Key rotation schedule; industry-standard crypto libraries; cryptographically secure RNG; proper KDF |
| L3 | HSM integration; cryptographic agility; perfect forward secrecy; key escrow/recovery |
Input Validation & Encoding
| Level | Key Requirements |
|---|
| L1 | Whitelist validation; server-side validation only; proper output encoding; SQL injection protection |
| L2 | Parameterized queries; type/length validation; context-aware encoding; XSS protection |
| L3 | Semantic validation; XXE/XML bomb protection; comprehensive injection defense; cryptographic verification |
Session Management
| Level | Key Requirements |
|---|
| L1 | Random session IDs (≥128 bits); HTTP-only/secure flags; session expiration; logout invalidation |
| L2 | Token regeneration post-auth; concurrent session limits; encrypted server-side storage; idle/absolute timeouts |
| L3 | Cryptographic token binding; session fixation protection; anomaly monitoring; tamper detection |
Section 3: OWASP MASVS v2.1.0 (Mobile Security)
Mobile applications require specialized security attention due to unique threat models: device-specific vulnerabilities, platform differences (iOS vs Android), and user data sensitivity.
What it is: MASVS defines 8 control groups with L1/L2/L3 verification levels for mobile app security.
When to use: Any iOS or Android app security review, secure storage implementation, biometric authentication, network communication hardening.
Core Control Groups
STORAGE — Protecting Sensitive Data at Rest
L1 Requirements:
- Sensitive credentials never stored in plaintext
- Exclude sensitive data from backups
- Use platform credential storage APIs
iOS Implementation (Secure):
import Security
func storePassword(account: String, password: String) {
let passwordData = password.data(using: .utf8)!
let query: [String: Any] = [
kSecClass as String: kSecClassGenericPassword,
kSecAttrAccount as String: account,
kSecValueData as String: passwordData,
kSecAttrAccessible as String: kSecAttrAccessibleWhenUnlockedThisDeviceOnly
]
SecItemAdd(query as CFDictionary, nil)
}
Android Implementation (Secure):
import androidx.security.crypto.EncryptedSharedPreferences
import androidx.security.crypto.MasterKeys
val masterKey = MasterKeys.getOrCreate(MasterKeys.AES256_GCM_SPEC)
val encryptedSharedPreferences = EncryptedSharedPreferences.create(
"secret_shared_prefs",
masterKey,
context,
EncryptedSharedPreferences.PrefKeyEncryptionScheme.AES256_SIV,
EncryptedSharedPreferences.PrefValueEncryptionScheme.AES256_GCM
)
encryptedSharedPreferences.edit().putString("api_key", "secret").apply()
CRYPTO — Cryptographic Standards
L1 Requirements: No hardcoded keys, AES-256 for encryption, SHA-256 for hashing
L2 Requirements: Secure key storage, proper key derivation (PBKDF2), authenticated encryption (GCM mode)
L3 Requirements: HSM integration, key rotation, cryptographic agility
AUTH — Authentication & Biometric Security
Secure Biometric Implementation (iOS):
import LocalAuthentication
func authenticateWithBiometric() {
let context = LAContext()
let reason = "Authenticate to access sensitive data"
context.evaluatePolicy(.deviceOwnerAuthenticationWithBiometrics,
localizedReason: reason) { success, error in
if success {
KeychainManager.retrieveToken()
}
}
}
NETWORK — TLS & Certificate Pinning
L1 Requirements: TLS 1.2+ for all communications
L2 Requirements: Certificate pinning implementation
L3 Requirements: Mutual TLS (mTLS) support
Android Network Security Config (Secure Pinning):
<network-security-config>
<domain-config cleartextTrafficPermitted="false">
<domain includeSubdomains="true">api.example.com</domain>
<pin-set>
<pin digest="SHA-256">+MIIBIjANBgkqhkiG9w0BAQEF...</pin>
</pin-set>
</domain-config>
</network-security-config>
PLATFORM — OS Integration & WebView Security
L1 Requirements: Validate deep links, secure IPC, WebView hardening
L2 Requirements: Intent filter verification (Android), Universal Links (iOS)
L3 Requirements: Sensitive intent filters protected, WebView with JavaScript disabled unless functionally required
CODE — Vulnerable Dependencies & Version Management
L1 Requirements: Target latest SDK (Android 34+, iOS 15+), scan dependencies
L2 Requirements: No hardcoded secrets, OTA update verification
L3 Requirements: Code obfuscation (R8/ProGuard on Android, LinkMap on iOS)
RESILIENCE — Jailbreak/Root Detection
L1 Requirements: Detect modified environment
L2 Requirements: Block execution on compromised devices
L3 Requirements: Continuous monitoring, graceful degradation
Android Root Detection (Secure):
fun isDeviceCompromised(): Boolean {
if (File("/data/adb/magisk").exists()) return true
val suPath = ProcessBuilder("which", "su").start()
return suPath.waitFor() == 0
}
PRIVACY — Data Minimization & Privacy Disclosures
L1 Requirements: Minimal PII collection, privacy policy required
L2 Requirements: Permission rationale, user consent for data sharing
L3 Requirements: Privacy by design, differential privacy techniques
Section 4: OWASP API Security Top 10 (2023) — Detailed
REST and GraphQL APIs have unique security challenges different from traditional web apps.
What it is: 10 critical risks specific to API design, authentication, and data exposure.
When to use: Building or securing REST/GraphQL APIs, token-based authentication, rate limiting, property-level authorization.
Common API Risks with Examples
API1: Broken Object-Level Authorization (BOLA)
Detection: Incrementing or predictable IDs in API calls allow access to other users' objects.
Vulnerable Example:
app.get('/api/orders/:id', (req, res) => {
const order = db.query('SELECT * FROM orders WHERE id = ?', req.params.id);
res.json(order);
});
Secure Implementation:
app.get('/api/orders/:id', (req, res) => {
const order = db.query('SELECT * FROM orders WHERE id = ? AND user_id = ?',
[req.params.id, req.user.id]);
if (!order) return res.status(404).json({error: 'Not found'});
res.json(order);
});
function generateOpaqueId(actualId) {
return Buffer.from(`${actualId}:${randomBytes(16)}`).toString('base64');
}
API2: Broken Authentication
Vulnerable: Weak JWT signing algorithm, no token expiration, no signature validation.
Vulnerable Code:
const decoded = JSON.parse(Buffer.from(token.split('.')[1], 'base64'));
const userId = decoded.user_id;
Secure Code:
const jwt = require('jsonwebtoken');
const SECRET = process.env.JWT_SECRET;
function verifyToken(token) {
try {
const decoded = jwt.verify(token, SECRET, {
algorithms: ['HS256'],
issuer: 'api.example.com'
});
return decoded;
} catch (err) {
throw new Error('Invalid token');
}
}
API3: Broken Property-Level Authorization
Detection: API returns or allows modification of fields user shouldn't access.
Vulnerable:
app.get('/api/user/:id', (req, res) => {
const user = db.query('SELECT * FROM users WHERE id = ?', req.params.id);
res.json(user);
});
Secure:
const fieldWhitelist = {
'user': ['id', 'name', 'email', 'created_at'],
'admin': ['id', 'name', 'email', 'role', 'created_at', 'last_login']
};
app.get('/api/user/:id', (req, res) => {
const user = db.query('SELECT * FROM users WHERE id = ?', req.params.id);
const allowed = fieldWhitelist[req.user.role] || [];
const filtered = Object.keys(user)
.filter(key => allowed.includes(key))
.reduce((obj, key) => ({ ...obj, [key]: user[key] }), {});
res.json(filtered);
});
API4: Resource Consumption Attacks
Detection: No rate limiting, no request size limits, missing quotas.
Secure Implementation:
const rateLimit = require('express-rate-limit');
const limiter = rateLimit({
windowMs: 15 * 60 * 1000,
max: 100,
keyGenerator: (req) => req.user.id,
message: 'Too many requests, please try again later.'
});
app.use(express.json({ limit: '1mb' }));
app.get('/api/items', (req, res) => {
const limit = Math.min(parseInt(req.query.limit) || 10, 100);
const items = db.query('SELECT * FROM items LIMIT ?', [limit]);
res.json(items);
});
API5: Function-Level Authorization
Detection: Admin functions (delete user, export data) accessible to regular users.
Secure Implementation:
function requireRole(role) {
return (req, res, next) => {
if (req.user.role !== role) {
return res.status(403).json({ error: 'Insufficient permissions' });
}
next();
};
}
app.delete('/api/users/:id', requireRole('admin'), (req, res) => {
db.query('DELETE FROM users WHERE id = ?', req.params.id);
res.json({ status: 'deleted' });
});
Section 5: OWASP Kubernetes Top 10 (2022) — Container & Infrastructure Security
Kubernetes deployments introduce unique security vectors: RBAC misconfiguration, exposed etcd, insecure network policies.
What it is: 10 critical risks in Kubernetes clusters and containerized environments.
When to use: Securing Kubernetes clusters, hardening pod configurations, RBAC setup, secrets management, network policies.
Key Kubernetes Security Controls
K01: Workload Configuration
Vulnerable Pod (Insecure):
apiVersion: v1
kind: Pod
metadata:
name: vulnerable-app
spec:
containers:
- name: app
image: myapp:latest
securityContext:
privileged: true
resources: {}
Secure Pod (Best Practices):
apiVersion: v1
kind: Pod
metadata:
name: secure-app
spec:
securityContext:
runAsNonRoot: true
runAsUser: 1000
fsGroup: 1000
containers:
- name: app
image: myapp:latest
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
readOnlyRootFilesystem: true
resources:
limits:
memory: "256Mi"
cpu: "500m"
requests:
memory: "128Mi"
cpu: "250m"
volumeMounts:
- name: tmp
mountPath: /tmp
volumes:
- name: tmp
emptyDir: {}
K02: RBAC Misconfiguration
Vulnerable RBAC (Insecure):
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: developer
rules:
- apiGroups: ["*"]
resources: ["*"]
verbs: ["*"]
Secure RBAC (Least Privilege):
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: app-reader
rules:
- apiGroups: [""]
resources: ["pods", "services"]
verbs: ["get", "list"]
- apiGroups: ["apps"]
resources: ["deployments"]
verbs: ["get"]
K03: Secrets Management
Vulnerable (Exposed):
apiVersion: v1
kind: Pod
metadata:
name: app-with-secrets
spec:
containers:
- name: app
image: myapp:latest
env:
- name: DB_PASSWORD
value: "plaintext-password-123"
Secure (Using Secret):
apiVersion: v1
kind: Secret
metadata:
name: db-credentials
type: Opaque
data:
password: cGFzc3dvcmQtMTIzNA==
---
apiVersion: v1
kind: Pod
metadata:
name: app-with-secrets
spec:
containers:
- name: app
image: myapp:latest
env:
- name: DB_PASSWORD
valueFrom:
secretKeyRef:
name: db-credentials
key: password
Enable Encryption at Rest in etcd:
apiVersion: apiserver.config.k8s.io/v1
kind: EncryptionConfiguration
resources:
- resources:
- secrets
providers:
- aescbc:
keys:
- name: key1
secret: <base64-encoded-secret-key>
K04: Policy Enforcement
apiVersion: admissionregistration.k8s.io/v1
kind: ValidatingAdmissionPolicy
metadata:
name: image-signature-verify
spec:
failurePolicy: Fail
matchConstraints:
resourceRules:
- apiGroups: [""]
apiVersions: ["v1"]
operations: ["CREATE", "UPDATE"]
resources: ["pods"]
validations:
- expression: "object.spec.containers.all(c, c.image.startsWith('gcr.io/my-registry/'))"
message: "All container images must come from gcr.io/my-registry/"
---
apiVersion: admissionregistration.k8s.io/v1
kind: ValidatingAdmissionPolicyBinding
metadata:
name: image-signature-verify-binding
spec:
policyName: image-signature-verify
validationActions: [Deny]
matchResources:
namespaceSelector: {}
K05: Network Segmentation
Vulnerable (All traffic allowed):
Secure (Deny-All Default):
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
name: default-deny-all
spec:
podSelector: {}
policyTypes:
- Ingress
- Egress
---
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
name: allow-frontend-to-backend
spec:
podSelector:
matchLabels:
tier: backend
policyTypes:
- Ingress
ingress:
- from:
- podSelector:
matchLabels:
tier: frontend
ports:
- protocol: TCP
port: 8080
Section 6: OWASP Agentic Applications 2026
Status: Released by the OWASP GenAI Security Project in December 2025 as the 2026 edition. Note: the AG01–AG10 codes below are this guide's own shorthand and are not official OWASP identifiers — the published taxonomy uses LLM01–LLM10 (LLM Applications) and ASI01–ASI10 (Agentic Applications). Cross-check against the official lists before citing.
AI and LLM-powered agents introduce novel security risks: prompt injection, data leakage through model outputs, unauthorized tool access, and training data poisoning.
What it is: 10 critical risks specific to LLM agents and autonomous AI systems.
When to use: Building chatbots, agentic systems with tool access, RAG applications, fine-tuned models, evaluating AI model safety.
AI/LLM-Specific Risks
AG01: Prompt Injection
Direct Injection (Vulnerable):
def vulnerable_assistant(user_input):
system_prompt = "You are a helpful customer service assistant."
combined = f"{system_prompt}\n\nUser: {user_input}\nAssistant:"
return llm.generate(combined)
Secure Implementation:
import re
from enum import Enum
def sanitize_input(text):
if len(text) > 5000:
raise ValueError("Input too long")
clean = re.sub(r'[\x00-\x08\x0B-\x0C\x0E-\x1F]', '', text)
return clean
def secure_assistant(user_input):
safe_input = sanitize_input(user_input)
messages = [
{"role": "system", "content": "You are a helpful customer service assistant. Only answer questions about orders."},
{"role": "user", "content": safe_input}
]
return llm.generate(messages)
AG02: Insufficient Input Validation
Vulnerable:
def get_file_content(filename):
import os
if filename.startswith("/"):
raise ValueError("Absolute paths not allowed")
with open(filename, 'r') as f:
return f.read()
Secure:
from pathlib import Path
def get_file_content(filename, allowed_dir="/app/docs"):
requested_path = (Path(allowed_dir) / filename).resolve()
allowed_path = Path(allowed_dir).resolve()
if not requested_path.is_relative_to(allowed_path):
raise ValueError("Path traversal attempt")
if not requested_path.exists():
raise ValueError("File not found")
return requested_path.read_text()
AG03: Insecure Output Handling
Vulnerable (Leaking Secrets):
def vulnerable_response(user_query):
response = llm.generate(user_query)
return response
Secure (Filtering Sensitive Data):
import re
def filter_sensitive_output(text):
text = re.sub(r'sk-[A-Za-z0-9]{20,}', '[API_KEY_REMOVED]', text)
text = re.sub(r'\b\d{4}[\s-]?\d{4}[\s-]?\d{4}[\s-]?\d{4}\b', '[CC_REMOVED]', text)
text = re.sub(r'[\w\.-]+@[\w\.-]+\.\w+', '[EMAIL_REMOVED]', text)
return text
def secure_response(user_query):
response = llm.generate(user_query)
filtered = filter_sensitive_output(response)
return filtered
AG06: Unauthorized Tool Access
Vulnerable (No Authorization):
class VulnerableAgent:
def execute_tool(self, tool_name, **kwargs):
if tool_name == "delete_user":
db.delete_user(kwargs['user_id'])
elif tool_name == "export_data":
return db.export_all_data()
Secure (Role-Based Authorization):
class SecureAgent:
TOOL_PERMISSIONS = {
'delete_user': ['admin'],
'export_data': ['admin', 'analyst'],
'view_report': ['user', 'admin', 'analyst']
}
def execute_tool(self, tool_name, user_role, **kwargs):
allowed_roles = self.TOOL_PERMISSIONS.get(tool_name, [])
if user_role not in allowed_roles:
raise PermissionError(f"User {user_role} cannot execute {tool_name}")
if tool_name == "delete_user":
if 'user_id' not in kwargs:
raise ValueError("user_id required")
db.delete_user(kwargs['user_id'])
elif tool_name == "export_data":
return db.export_data(max_records=10000)
AG09: Inadequate Logging
Vulnerable (No Visibility):
def agent_query(user_input):
response = llm.generate(user_input)
return response
Secure (Comprehensive Logging):
import logging
import json
from datetime import datetime
logger = logging.getLogger(__name__)
def agent_query(user_input, user_id):
try:
logger.info(json.dumps({
'timestamp': datetime.utcnow().isoformat(),
'user_id': user_id,
'input_length': len(user_input),
'event': 'agent_query_start'
}))
response = llm.generate(user_input)
logger.info(json.dumps({
'timestamp': datetime.utcnow().isoformat(),
'user_id': user_id,
'response_length': len(response),
'event': 'agent_query_complete'
}))
return response
except Exception as e:
logger.error(json.dumps({
'timestamp': datetime.utcnow().isoformat(),
'user_id': user_id,
'error': str(e),
'event': 'agent_query_error'
}))
raise
Cross-Standard Reference
- Authentication: Top 10 A07, ASVS Ch. 2, MASVS-AUTH, API2/API5, K09
- Input Validation: Top 10 A03, ASVS Ch. 5, MASVS-CODE, API8, AG02
- Cryptography: Top 10 A02, ASVS Ch. 6, MASVS-CRYPTO, K03
- Access Control: Top 10 A01, ASVS Ch. 4, API1/API3/API5, K02
- API Security: API Top 10 (all), MASVS-NETWORK
- Infrastructure: K8s Top 10 (all)
- AI/LLM: Agentic Applications (all)
This comprehensive guide covers six OWASP security standards unified for developers. Use this reference for code reviews, security architecture, and hardening web apps, APIs, mobile apps, containers, and AI systems.