OWASP API Security Project website screenshot

OWASP API Security Project

The OWASP API Security Project focuses on strategies and solutions to understand and mitigate the unique vulnerabilities and security risks of Application Programming Interfaces. The project produces and maintains the OWASP API Security Top 10, a community-driven list of the most critical API security risks for developers, architects, and security professionals.

1 APIs 0 Features
SecurityStandardsOWASP

APIs

OWASP API Security Project

The OWASP API Security Project produces and maintains the OWASP API Security Top 10, a list of the most critical API security risks. It provides guidance, tools, and references ...

Pricing Plans

Rate Limits

FinOps

Resources

🔗
Website
Website
🔗
Documentation
Documentation
👥
GitHub
GitHub

Sources

apis.yml Raw ↑
aid: owasp-api-security-project
name: OWASP API Security Project
description: The OWASP API Security Project focuses on strategies and solutions to understand and mitigate the unique vulnerabilities
  and security risks of Application Programming Interfaces. The project produces and maintains the OWASP API Security Top
  10, a community-driven list of the most critical API security risks for developers, architects, and security professionals.
type: Index
position: Consumer
access: 3rd-Party
image: https://kinlane-images.s3.amazonaws.com/shared/apis-json/apis-json-logo.jpg
tags:
- Security
- Standards
- OWASP
created: '2025-01-08'
modified: '2026-04-28'
url: https://raw.githubusercontent.com/api-evangelist/owasp-api-security-project/refs/heads/main/apis.yml
specificationVersion: '0.19'
apis:
- aid: owasp-api-security-project:owasp-api-security-project
  name: OWASP API Security Project
  description: The OWASP API Security Project produces and maintains the OWASP API Security Top 10, a list of the most critical
    API security risks. It provides guidance, tools, and references to help organizations identify and address API-specific
    vulnerabilities such as broken object level authorization, broken authentication, and excessive data exposure.
  humanURL: https://owasp.org/www-project-api-security/
  tags:
  - Security
  - Standards
  properties:
  - type: Documentation
    url: https://owasp.org/www-project-api-security/
  - type: Reference
    url: https://owasp.org/API-Security/editions/2023/en/0x00-header/
common:
- type: Website
  url: https://owasp.org/www-project-api-security/
- type: Documentation
  url: https://owasp.org/www-project-api-security/
- type: GitHub
  url: https://github.com/OWASP/API-Security
maintainers:
- FN: Kin Lane
  email: kin@apievangelist.com