{
  "name": "OWASP Top 10 (2021)",
  "description": "Top 10 most critical web application security risks.",
  "enabled_fields": [
    "references"
  ],
  "status_choices": [
    "Not Tested",
    "Out of scope",
    "Fail",
    "Partial",
    "Pass"
  ],
  "categories": [],
  "items": [
    {
      "order": 1,
      "name": "Broken Access Control",
      "reference": "A01:2021",
      "category": "",
      "description": "",
      "subcategory": "",
      "level": "",
      "references": "<a href=https://owasp.org/Top10/A01_2021-Broken_Access_Control/>https://owasp.org/Top10/A01_2021-Broken_Access_Control/</a><br>",
      "riskrating": "",
      "notes": "",
      "guide": ""
    },
    {
      "order": 2,
      "name": "Cryptographic Failures",
      "reference": "A02:2021",
      "category": "",
      "description": "",
      "subcategory": "",
      "level": "",
      "references": "<a href=https://owasp.org/Top10/A02_2021-Cryptographic_Failures/>https://owasp.org/Top10/A02_2021-Cryptographic_Failures/</a><br>",
      "riskrating": "",
      "notes": "",
      "guide": ""
    },
    {
      "order": 3,
      "name": "Injection",
      "reference": "A03:2021",
      "category": "",
      "description": "",
      "subcategory": "",
      "level": "",
      "references": "<a href=https://owasp.org/Top10/A03_2021-Injection/>https://owasp.org/Top10/A03_2021-Injection/</a><br>",
      "riskrating": "",
      "notes": "",
      "guide": ""
    },
    {
      "order": 4,
      "name": "Insecure Design",
      "reference": "A04:2021",
      "category": "",
      "description": "",
      "subcategory": "",
      "level": "",
      "references": "<a href=https://owasp.org/Top10/A04_2021-Insecure_Design/>https://owasp.org/Top10/A04_2021-Insecure_Design/</a><br>",
      "riskrating": "",
      "notes": "",
      "guide": ""
    },
    {
      "order": 5,
      "name": "Security Misconfiguration",
      "reference": "A05:2021",
      "category": "",
      "description": "",
      "subcategory": "",
      "level": "",
      "references": "<a href=https://owasp.org/Top10/A05_2021-Security_Misconfiguration/>https://owasp.org/Top10/A05_2021-Security_Misconfiguration/</a><br>",
      "riskrating": "",
      "notes": "",
      "guide": ""
    },
    {
      "order": 6,
      "name": "Vulnerable and Outdated Components",
      "reference": "A06:2021",
      "category": "",
      "description": "",
      "subcategory": "",
      "level": "",
      "references": "<a href=https://owasp.org/Top10/A06_2021-Vulnerable_and_Outdated_Components/>https://owasp.org/Top10/A06_2021-Vulnerable_and_Outdated_Components/</a><br>",
      "riskrating": "",
      "notes": "",
      "guide": ""
    },
    {
      "order": 7,
      "name": "Identification and Authentication Failures",
      "reference": "A07:2021",
      "category": "",
      "description": "",
      "subcategory": "",
      "level": "",
      "references": "<a href=https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures/>https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures/</a><br>",
      "riskrating": "",
      "notes": "",
      "guide": ""
    },
    {
      "order": 8,
      "name": "Software and Data Integrity Failures",
      "reference": "A08:2021",
      "category": "",
      "description": "",
      "subcategory": "",
      "level": "",
      "references": "<a href=https://owasp.org/Top10/A08_2021-Software_and_Data_Integrity_Failures/>https://owasp.org/Top10/A08_2021-Software_and_Data_Integrity_Failures/</a><br>",
      "riskrating": "",
      "notes": "",
      "guide": ""
    },
    {
      "order": 9,
      "name": "Security Logging and Monitoring Failures",
      "reference": "A09:2021",
      "category": "",
      "description": "",
      "subcategory": "",
      "level": "",
      "references": "<a href=https://owasp.org/Top10/A09_2021-Security_Logging_and_Monitoring_Failures/>https://owasp.org/Top10/A09_2021-Security_Logging_and_Monitoring_Failures/</a><br>",
      "riskrating": "",
      "notes": "",
      "guide": ""
    },
    {
      "order": 10,
      "name": "Server-Side Request Forgery",
      "reference": "A10:2021",
      "category": "",
      "description": "",
      "subcategory": "",
      "level": "",
      "references": "<a href=https://owasp.org/Top10/A10_2021-Server-Side_Request_Forgery_%28SSRF%29/>https://owasp.org/Top10/A10_2021-Server-Side_Request_Forgery_%28SSRF%29/</a><br>",
      "riskrating": "",
      "notes": "",
      "guide": ""
    }
  ]
}