Open-source software is a great way to add proven functionality to your application, but it comes with risks in the form of software vulnerabilities. If you are using open-source components (and with all likelihood you are), it is important to keep track of new vulnerabilities as they are discovered, so you can upgrade to the latest, patched-up version of the software.
One tool you can use to keep track of open-source vulnerabilities is the list provided by the Open Web Application Security Project (OWASP), which was last updated in 2017. The OWASP Top 10 covers the most critical security risks for web applications.
The following tips should help you protect your software against the OWASP Top 10 vulnerabilities.