From 45d8b537fb9ca19fc08f3e7df5e33035f58b4774 Mon Sep 17 00:00:00 2001 From: 4ravind-b Date: Fri, 23 Jan 2026 12:10:21 +0530 Subject: [PATCH 1/2] docs: clarify OWASP Risk Rating and Risk Assessment Framework reference --- editions/2023/en/0xd0-about-data.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/editions/2023/en/0xd0-about-data.md b/editions/2023/en/0xd0-about-data.md index 3e856f718..80be39807 100644 --- a/editions/2023/en/0xd0-about-data.md +++ b/editions/2023/en/0xd0-about-data.md @@ -37,8 +37,7 @@ threats to get insights into how victims are impacted and how those threats can be mitigated. This effort resulted in an initial draft of what the team believes were the ten -most critical API security risks. The [OWASP Risk Rating Methodology][2] was -used to perform the risk analysis. Prevalence ratings were decided from a +most critical API security risks.The [OWASP Risk Rating Methodology][2] was used to perform the risk analysis. The OWASP Risk Rating Methodology incorporates risk assessment concepts and references the [OWASP Risk Assessment Framework][8] project, which provides guidance on assessing and prioritizing risks.. Prevalence ratings were decided from a consensus among the project team members, based on their experience in the field. For considerations on these matters, please refer to the [API Security Risks][3] section. @@ -71,3 +70,4 @@ attention in APIs. [5]: https://github.com/OWASP/API-Security/issues?q=is%3Aissue+label%3A2023RC [6]: https://github.com/OWASP/API-Security/pulls?q=is%3Apr+label%3A2023RC [7]: ./0xd1-acknowledgments.md +[8]: https://owasp.org/www-project-risk-assessment-framework/ From 3277d9e7bc6f6821dfaf76a8429f5b8e467a0d66 Mon Sep 17 00:00:00 2001 From: 4ravind-b Date: Fri, 23 Jan 2026 12:14:22 +0530 Subject: [PATCH 2/2] docs: clarify OWASP Risk Rating and Risk Assessment Framework reference --- editions/2023/en/0xd0-about-data.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/editions/2023/en/0xd0-about-data.md b/editions/2023/en/0xd0-about-data.md index 80be39807..80aace609 100644 --- a/editions/2023/en/0xd0-about-data.md +++ b/editions/2023/en/0xd0-about-data.md @@ -37,7 +37,7 @@ threats to get insights into how victims are impacted and how those threats can be mitigated. This effort resulted in an initial draft of what the team believes were the ten -most critical API security risks.The [OWASP Risk Rating Methodology][2] was used to perform the risk analysis. The OWASP Risk Rating Methodology incorporates risk assessment concepts and references the [OWASP Risk Assessment Framework][8] project, which provides guidance on assessing and prioritizing risks.. Prevalence ratings were decided from a +most critical API security risks.The [OWASP Risk Rating Methodology][2] was used to perform the risk analysis. The OWASP Risk Rating Methodology incorporates risk assessment concepts and references the [OWASP Risk Assessment Framework][8] project, which provides guidance on assessing and prioritizing risks. Prevalence ratings were decided from a consensus among the project team members, based on their experience in the field. For considerations on these matters, please refer to the [API Security Risks][3] section.