OWASP Top Ten Proactive Controls 2018

Document Structure

Document Structure

This document is structured as a list of security controls. Each control is described as follows:

Cx: Control Name


A detailed description of the control including some best practices to consider.


Implementation best practices and examples to illustrate how to implement each control.

Vulnerabilities Prevented

List of prevented vulnerabilities or risks addressed (OWASP TOP 10 Risk, CWE, etc.)


List of references for further study (OWASP Cheat sheet, Security Hardening Guidelines, etc.)


Set of tools/projects to easily introduce/integrate security controls into your software.