OWASP Top 10
The 2013 OWASP Top 10 has been released, and, sad to say, the number one spot has not changed since the last Top 10 in 2010: Injection!
OWASP Top 10 – 2013
A1 – Injection
A2 – Broken Authentication and Session Management
A3 – Cross-Site Scripting (XSS)
A4 – Insecure Direct Object References
A5 – Security Misconfiguration
A6 – Sensitive Data Exposure
A7 – Missing Function Level Access Control
A8 – Cross-Site Request Forgery (CSRF)
A9 – Using Known Vulnerable Components
A10 – Unvalidated Redirects and Forwards
Back in 2011 I referenced Troy Hunt's excellent ebook reference for the 2010 OWASP top 10. If you didn't go get it then, download it now.