OWASP Issues Top 10 Web Application Security Risks List

OWASP’s new list features the most exploitable and likely security risks found in Web applications. OWASP reworked the list to give developers more of a reality check and a better understanding of the real threats. New to the list are security misconfiguration and unvalidated redirects and forwards, both of which are prevalent today. Web redirects typically steer users to other pages and sites; when the data for the destination page isn’t properly validated, attackers can redirect users to phishing or malware sites.
The OWASP Top 10 report also includes how to assess the possibility that your Web application could be at risk of these types of Web attacks, as well as mitigation tips.
* http://www.owasp.org/index.php/Top_10
The OWASP Top 10 list for 2010 comprises:
1. injection
2. cross-site scripting (XSS)
3. broken authentication and session management
4. insecure direct object references
5. cross-site request forgery (CSRF)
6. security misconfiguration
7. insecure cryptographic storage
8. failure to restrict URL access
9. insufficient transport layer protection
10. unvalidated redirects and forwards
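
For item 10, one way to validate a redirect destination before the application uses it. This is an added example, not code from the OWASP report or the original post; the function name, the allowlisted hosts and the fallback path are assumptions.

```python
from urllib.parse import urlsplit

# Assumed allowlist of external hosts this site may redirect to (constructed values).
ALLOWED_HOSTS = frozenset({"app.example.com", "help.example.com"})
FALLBACK = "/"  # assumed safe landing page


def safe_redirect_target(target, allowed_hosts=ALLOWED_HOSTS, fallback=FALLBACK):
    """Return target if it is a same-site path or an allowlisted HTTPS URL,
    otherwise return fallback."""
    if not isinstance(target, str) or not target:
        return fallback
    # Browsers treat "\" like "/" and drop whitespace/control characters,
    # so a value containing any of them may not mean what the parser sees.
    if "\\" in target or any(ord(c) <= 0x20 or ord(c) == 0x7F for c in target):
        return fallback
    try:
        parts = urlsplit(target)
        host, port = parts.hostname, parts.port
    except ValueError:  # malformed port or IPv6 literal
        return fallback
    if not parts.scheme and not parts.netloc:
        # Relative reference: accept only a path rooted on this site.
        # "//host" and "///host" are rejected because browsers resolve a
        # leading double slash against another host.
        if target.startswith("/") and not target.startswith("//"):
            return target
        return fallback
    # Absolute URL: HTTPS only, exact host match, default port, no userinfo.
    if (parts.scheme == "https" and host in allowed_hosts
            and port in (None, 443)
            and parts.username is None and parts.password is None):
        return target
    return fallback


if __name__ == "__main__":
    # Constructed sample values for a hypothetical ?next= parameter.
    for value in ("/account/settings?tab=2", "https://help.example.com/faq",
                  "//other.example/login", "https://app.example.com@other.example/",
                  "https://app.example.com.other.example/", "javascript:void(0)"):
        print(f"{value!r:45} -> {safe_redirect_target(value)!r}")
```

Anything that fails a check falls back to the site's own landing page rather than being passed to the redirect.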


About wikihead

A Seeker. Information Security Professional, Pursuing Life with Ayurveda.