OWASP Top 10
The 2013 OWASP Top 10 has been released, and sad to say, the number one spot has not changed since the last Top 10 in 2010: Injection!
| OWASP Top 10 – 2013 |
|---|
| A1 – Injection |
| A2 – Broken Authentication and Session Management |
| A3 – Cross-Site Scripting (XSS) |
| A4 – Insecure Direct Object References |
| A5 – Security Misconfiguration |
| A6 – Sensitive Data Exposure |
| A7 – Missing Function Level Access Control |
| A8 – Cross-Site Request Forgery (CSRF) |
| A9 – Using Known Vulnerable Components |
| A10 – Unvalidated Redirects and Forwards |

Back in 2011 I referenced Troy Hunt's excellent ebook reference for the 2010 OWASP top 10. If you didn't go get it then, download it now.


Posted by Justin at 12:10 PM