OWASP Issues Top 10 Web Application Security Risks List
On April 19, 2010 Open Web Application Security Project (OWASP) released the final version of the OWASP Top 10 for 2010. The OWASP Top Ten represents a broad consensus about what the most critical web application security flaws are.
The OWASP Top 10 Web Application Security Risks for 2010 are:
- A1: Injection
- A2: Cross-Site Scripting (XSS)
- A3: Broken Authentication and Session Management
- A4: Insecure Direct Object References
- A5: Cross-Site Request Forgery (CSRF)
- A6: Security Misconfiguration
- A7: Insecure Cryptographic Storage
- A8: Failure to Restrict URL Access
- A9: Insufficient Transport Layer Protection
OWASP urges all companies to adopt this awareness document within their organization and start the process of ensuring that their web applications do not contain these flaws. Adopting the OWASP Top Ten is perhaps the most effective first step towards changing the software development culture within your organization into one that produces secure code.
The Open Web Application Security Project (OWASP) is an open community dedicated to enabling organizations to conceive, develop, acquire, operate, and maintain applications that can be trusted. All of the OWASP tools, documents, forums, and chapters are free and open to anyone interested in improving application security.
Lessons Learned from Zoom’s Rise… The only constant is change. An illustration of imp
A Webinar Back by popular demand! Based on what Dan is finding in reviews of several
While we’re not a news service, we often use current events to comment on trends and
Welcome IBA Forum attendees! Looking to set up your own program for people to work fr
A short. This presentation is intended for those who are planning to participate in a