ARTICLE [PDF] OWASP Top 10 for 2010 Final Version

Monday 19 April 2010 (Keywords: OWASP)

The OWASP Top Ten is a powerful awareness document for web application security. It represents a broad consensus about what the most critical web application security flaws are. Project members include a variety of security experts from around the world who have shared their expertise to produce this list.

The OWASP Top 10 Web Application Security Risks for 2010 are:

- A1: Injection
- A2: Cross-Site Scripting (XSS)
- A3: Broken Authentication and Session Management
- A4: Insecure Direct Object References
- A5: Cross-Site Request Forgery (CSRF)
- A6: Security Misconfiguration
- A7: Insecure Cryptographic Storage
- A8: Failure to Restrict URL Access
- A9: Insufficient Transport Layer Protection
- A10: Unvalidated Redirects and Forwards
