OWASP Top 10

The 2013 OWASP Top 10 has been released and, sad to say, the number one spot has not changed since the last Top 10 in 2010: Injection!

OWASP Top 10 – 2013
A1 – Injection
A2 – Broken Authentication and Session Management
A3 – Cross-Site Scripting (XSS)
A4 – Insecure Direct Object References
A5 – Security Misconfiguration
A6 – Sensitive Data Exposure
A7 – Missing Function Level Access Control
A8 – Cross-Site Request Forgery (CSRF)
A9 – Using Known Vulnerable Components
A10 – Unvalidated Redirects and Forwards

Back in 2011 I referenced Troy Hunt's excellent ebook reference for the 2010 OWASP Top 10. If you didn't go get it then, download it now.

