OWASP Top 10 Compliance
The OWASP Top10 Compliance dashboard provides visibility into how well your applications are protected from OWASP (Open Web Application Security Project) vulnerabilities. It allows you to assess the effectiveness of your server policy in addressing the OWASP Top 10 security risks.
To use the OWASP Top10 Compliance monitor, enable the OWASP Top10 Compliance option in System > Config > Advanced, or through the CLI:
config system advanced
  set owasp-top10-compliance enable
end
To view the OWASP Top10 Compliance data, go to Dashboard > OWASP Top 10 Compliance. If it's not available in the Dashboard menu, refer to Monitors for how to add a monitor.
The dashboard lists the configured policies. The Compliance Rate column evaluates how well each server policy aligns with the best practices recommended by OWASP for mitigating the Top 10 vulnerabilities. It assesses the configuration and rules in place to protect against these risks.
Clicking the Compliance Rate opens a Detail page, which provides an overview of the level of risk associated with each of the OWASP Top 10 vulnerabilities for your applications. It helps identify areas where additional security measures may be needed to strengthen your defenses.