OWASP Data Security Top 10


Data is the most important asset many organizations posses, yet often data security is not the top priority. Data is fundamentally the only asset companies should thrive to protect. The guide provides information about the most major security risks for storing and moving sensitive and PII information, the challenges involved, and how to overcome them.


OWASP Data Security Top 10 wants to raise awareness about the consequences of the most common data security vulnerabilities and provide basic techniques to identify and protect against them.

Getting Involved

You do not have to be a security expert or a programmer to contribute. Contact the project leader(s) to get involved. We welcome any suggestions and comments. Possible ways to contribute:

  • We are actively looking for organizations and individuals who understand data security challenges.
  • Individuals and organizations contributing to the project will be listed on the acknowledgments page.

Data Security Top 10 2023


The OWASP Data Security Project documents are free to use!

The OWASP Data Security Project is licensed under the Creative Commons Attribution-ShareAlike 4.0 license, so you can copy, distribute and transmit the work, and you can adapt it, and use it commercially, but all provided that you attribute the work and if you alter, transform, or build upon this work, you may distribute the resulting work only under the same or similar license to this one.


Ovidiu Cical Twitter LinkedIn


Report Reviewers
Name, Company

Planned Projects

  • Data Security Security Top 10
  • DVDS - Damn Vulnerable Data Storage