AeyeScan Now Supports Latest "OWASP Top 10:2025" Standard; ASVS 5.0 Compliance Accelerates Vulnerability Countermeasure Decision-Making

AI Security Lab Co., Ltd. (https://www.aeyesec.jp/ Chiyoda-ku, Tokyo; Representative Director and President: Ayumu Aoki) announced on Saturday, April 25, 2026, that its AI-powered cloud-based web application vulnerability diagnostic tool, "AeyeScan," has been updated to support the latest security standard "OWASP Top 10:2025" and to display compliance with the verification standard "OWASP ASVS 5.0."

OWASP Top 10 Revised After 4 Years, Changing Risks The industry standard "OWASP Top 10," which summarizes major risks for web applications, has been revised for the first time in approximately four years, with the latest version released in January 2026.

Key highlights of this revision include:

Software Supply Chain Integrity Failures Expanded from "Vulnerable and Outdated Components" to rank 3rd.

Improper Handling of Exceptional Situations Risks related to unexpected error handling and system exceptions ranked 10th for the first time.

Broken Access Control Consolidated "Server-Side Request Forgery" and ranked 1st.

Furthermore, "Security Misconfiguration" rose to 2nd place, indicating a growing trend where deficiencies not only in implementation but also in operation and configuration lead to significant risks.

As the premise of web security changes in this way, continuous updates based on the latest threat trends are indispensable, rather than merely extending conventional approaches.

Web Diagnostic Tool "AeyeScan" Rapidly Adapts to Latest Standards In response to these changes, our company has promptly adapted to industry trends and implemented the following updates for AeyeScan:

1. Support for OWASP Top 10:2025 The guidelines within the scan result reports have been updated from the conventional "OWASP Top 10:2017" to the latest "2025." This enables risk assessment that reflects current threat trends.

2. Changed to ASVS 5.0-based Display The classification of vulnerabilities on the scan result screen has been revamped from the conventional "OWASP Top 10" basis to a more specific and technical "ASVS (Application Security Verification Standard) 5.0" chapter number basis. This allows developers to immediately identify "which design process or implementation area has a problem."

Visualization that Consistently Supports from Understanding to Countermeasure Decision-Making While "OWASP Top 10" indicates representative risk categories and serves as a guideline for understanding areas that should be prioritized, "OWASP ASVS" is a practical verification standard that defines specific security requirements.

This update combines these two standards to achieve visualization that seamlessly connects "understanding" to "concrete countermeasure decision-making" by:

Overseeing the latest risk trends and determining priorities (Top 10) Clearly identifying where technical problems lie and how to fix them (ASVS)

This powerfully supports practical application, including prioritization and remediation decisions, beyond merely "checking detection results."

Future Outlook AeyeScan will continue to respond rapidly to ever-changing security risks with cutting-edge technologies such as generative AI, and consistently provide "products that can be continuously used on-site."

We will continue to evolve as a platform that supports practical web security by promptly reflecting the latest threat trends into our features.

In conjunction with this update, we will also hold a webinar to explain the specific changes in the latest OWASP Top 10:2025 and risks based on trends in the first half of the year.

＼Explaining OWASP Top 10:2025 × Real-world Examples／

▼Click here for details! Please join us

https://www.aeyescan.jp/event-seminar/detail-webinar_20260630/

About the Cloud-based Web Application Vulnerability Diagnostic Tool "AeyeScan" Cloud-based Web Application Vulnerability Diagnostic Tool "AeyeScan"

AeyeScan is a cloud-based web application vulnerability diagnostic tool that utilizes cutting-edge technologies such as generative AI to automate security diagnostics that previously required manual effort, enabling easy and highly accurate diagnostics for anyone, anytime.

Product site: https://www.aeyescan.jp/

AI Security Lab Co., Ltd.

Founded in April 2019 with the philosophy of "solving the shortage of cybersecurity talent through technology." Generative A