OWASP Top Ten Proactive Controls 2018

About this Project

About this Project

Insecure software is undermining our financial, healthcare, defense, energy, and other critical infrastructure worldwide. As our digital, global infrastructure gets increasingly complex and interconnected, the difficulty of achieving application security increases exponentially. We can no longer afford to tolerate relatively simple security problems.

Aim & Objective

The goal of the OWASP Top 10 Proactive Controls project (OPC) is to raise awareness about application security by describing the most important areas of concern that software developers must be aware of. We encourage you to use the OWASP Proactive Controls to get your developers started with application security. Developers can learn from the mistakes of other organizations. We hope that the OWASP Proactive Controls is useful to your efforts in building secure software.

Call to Action

Please don’t hesitate to contact the OWASP Proactive Control project with your questions, comments, and ideas, either publicly to our email list or privately to [email protected], mailto:[email protected].

This document is released under the Creative Commons Attribution ShareAlike 3.0 license. For any reuse or distribution, you must make it clear to others the license terms of this work.

Project Leaders

  • Katy Anton
  • Jim Bird
  • Jim Manico


  • Chris Romeo   Dan Anderson   David Cybuck
  • Dave Ferguson Josh Grossman Osama Elnaggar
  • Colin Watson   Rick Mitchell   And many more…