Checklist
OWASP API security top 10
The OWASP API Security Top 10 (2023) — the most critical security risks to APIs. Use this checklist when designing or reviewing a REST, GraphQL, or RPC API.
https://owasp.org/API-Security/editions/2023/en/0x11-t10/- 53 items
- 10 sections
- Reusable template
Your progress
0 of 53 items complete
0%
complete
Saved in your browser. Sign in to Checksy to share progress with your team.
API1 Broken object level authorization
API2 Broken authentication
API3 Broken object property level authorization
API4 Unrestricted resource consumption
API5 Broken function level authorization
API6 Unrestricted access to sensitive business flows
API7 Server side request forgery
API8 Security misconfiguration
API9 Improper inventory management
API10 Unsafe consumption of APIs
Run this checklist for real
Save your progress, share with your team, and turn this into a reusable template. This helps you track how you improve over time.