Top Automated Threats To
Web And Mobile Applications

OWASP Top 20 Automated Threats

All OWASP Threats

The Open Web Application Security Project (OWASP) is a worldwide non-profit organization focused on improving the security of software. The OWASP Top 20 represents the most critical automated threats.

Shape defends against increasingly sophisticated automated cyberattacks that employ advanced techniques to evade traditional security solutions such as WAFs, IPC, and DDoS tools. Automated threats are responsible for millions in cyberfraud losses per day and target web and mobile applications of retailers, banks, airlines, healthcare organizations and government agencies.

OWASP Automated Threat List

Corporations and government agencies are increasingly vulnerable to automated cyberattacks. OWASP recently published a list of twenty automated threats. For detailed information download the OWASP Automated Threat Handbook.

Account Aggregation (OAT-020)

Account Creation (OAT-019)

Ad Fraud (OAT-003)

CAPTCHA Bypass (OAT-009)

Carding (OAT-001)

Card Cracking (OAT-010)

Cashing Out (OAT-012)

Credential Cracking (OAT-007)

Credential Stuffing (OAT-008)

Denial of Service (OAT-015)

Expediting (OAT-006)

Fingerprinting (OAT-004)

Footprinting (OAT-018)

Scalping (OAT-005)

Scraping (OAT-011)

Skewing (OAT-016)

Sniping (OAT-013)

Spamming (OAT-017)

Token Cracking (OAT-002)

Vulnerability Scanning & Exploitation (OAT-014)

For detailed information on all twenty listed OWASP automated threats download the OWASP Automated Threat Handbook.

3 minute preview

Avivah Litan:

VP Distinguished Analyst, Gartner

How to Stop Automated Attacks on Web Applications.
Learn how and why automation-based attacks pose serious threats to web applications.

View Full On-Demand Webinar

Assess your current automated threat level

Get Threat Assessment