*: OWASP Top 10 for 2010

OWASP Top 10 for 2010

On April 19, 2010 we released the final version of the OWASP Top 10 for 2010, and here is the associated press release. This version was updated based on numerous comments received during the comment period after the release candidate was released in Nov. 2009.

The OWASP Top 10 Web Application Security Risks for 2010 are:

A1: Injection
A2: Cross-Site Scripting (XSS)
A3: Broken Authentication and Session Management
A4: Insecure Direct Object References
A5: Cross-Site Request Forgery (CSRF)
A6: Security Misconfiguration
A7: Insecure Cryptographic Storage
A8: Failure to Restrict URL Access
A9: Insufficient Transport Layer Protection
A10: Unvalidated Redirects and Forwards

Subscribe to: Posts (Atom)