OWASP Top 10 2025: What's changed and why it matters

The OWASP Foundation's 2025 edition of the "Top 10 Security Risks" has introduced significant changes, including the addition of two new categories: Software Supply Chain Failures and Mishandling of Exceptional Conditions. The update reflects the evolving landscape of application security and emphasizes the need for security practices that address new vulnerabilities, particularly in configuration and supply chain security. GitLab Ultimate offers tools designed to detect and manage vulnerabilities associated with the new OWASP categories.