Sunday, April 25, 2010

Latest Top 10 OWASP web application security risks

The OWASP Top 10 Web Application Security Risks for 2010 are:

* A1: Injection
* A2: Cross-Site Scripting (XSS)
* A3: Broken Authentication and Session Management
* A4: Insecure Direct Object References
* A5: Cross-Site Request Forgery (CSRF)
* A6: Security Misconfiguration
* A7: Insecure Cryptographic Storage
* A8: Failure to Restrict URL Access
* A9: Insufficient Transport Layer Protection
* A10: Unvalidated Redirects and Forwards

Download the latest OWASP report

No comments: