Mike's Security Cabinet

A place to discuss application security and related topics.

Tuesday, March 6, 2012

OWASP Top 10

OWASP Top 10 focuses on identifying the most serious risks for your application.

https://www.owasp.org/index.php/Top_10_2010-Main

Troy Hunt writes excellent “OWASP TOP 10 for .NET”

2. Cross-Site Scripting (XSS)

3. Broken Authentication and Session Management

4. Insecure Direct Object References

5. Cross-Site Request Forgery (CSRF)

6. Security Misconfiguration

7. Insecure Cryptographic Storage

8. Failure to Restrict URL Access

9. Insufficient Transport Layer Protection

10. Unvalidated Redirects and Forwards

Here are some other interesting links related with owasp top 10

http://resources.infosecinstitute.com/owasp-top-10-tools-and-tactics/

http://resources.infosecinstitute.com/owasp-csrf/

http://resources.infosecinstitute.com/owasp-url-access/

Posted by michael xin at 6:25 AM

No comments:

Post a Comment

Newer Post Older Post Home

Subscribe to: Post Comments (Atom)

About Me

michael xin: CISSP, Application security engineer with interest in penetration testing, security application development, mobile security.

View my complete profile

Blog Archive

► 2013 (9)
- ► March (3)
- ► February (6)

▼ 2012 (25)
- ► October (1)
- ► August (1)
- ► June (1)
- ► May (4)
- ► April (3)
- ▼ March (9)
- ► February (6)

► 2011 (4)
- ► November (2)
- ► April (2)

► 2010 (23)
- ► August (1)
- ► July (6)
- ► May (6)
- ► March (1)
- ► February (7)
- ► January (2)

Simple theme. Powered by Blogger.