Thursday, June 13, 2013

Released the new version of OWASP Top 10 - 2013

This version was updated based on numerous comments received during the comment period after the release candidate was released in Feb. 2013.

  • A1 Injection
  • A2 Broken Authentication and Session Management
  • A3 Cross-Site Scripting (XSS)
  • A4 Insecure Direct Object References
  • A5 Security Misconfiguration
  • A6 Sensitive Data Exposure
  • A7 Missing Function Level Access Control
  • A8 Cross-Site Request Forgery (CSRF)
  • A9 Using Known Vulnerable Components
  •  A10 Unvalidated Redirects and Forwards

Get PDF format from: http://owasptop10.googlecode.com  - https://www.owasp.org/index.php/Top10

No comments: