Search Results
The OWASP Top 10 is the reference standard for the most critical web application security risks. Adopting the OWASP Top 10 is perhaps the most effective first step towards changing your software development culture to one focused on producing secure code.
- OWASP Dependency-Track
For more details about Dependency-Track see the projects...
- OWASP SAMM
OWASP SAMM and the SAMM v2 release is the open source...
- OWASP Mobile Top 10
If you face any issues joining us on Slack, please feel free...
- About
About the OWASP Foundation on the main website for The OWASP...
- OWASP Top Ten 2021
What is the value of a top 10 list? Origin subjective;...
- OWASP TOP 10
Applications and APIs using components with known...
- OWASP Top 10:2021
We selected eight of the ten categories from contributed...
16 Dec 2021 · What is the value of a top 10 list? Origin subjective; enough evidence now? Specific enough to be useful to most? Does this kind of tool help make risk decisions? How has the battle gone over 20 years? Line in the Sand Back to context and which risks matter
The Top 10 OWASP vulnerabilities are:
1. Injection
2. Broken Authentication
3. Sensitive data exposure
4. XML External Entities (XXE)
5. Broken Access control
6. Security misconfigurations
7. Cross-Site Scripting (XSS)
8. Insecure Deserialization
9. Using Components with Known Vulnerabilities
10. Insufficient Logging and Monitoring
We selected eight of the ten categories from contributed data and two categories from the Top 10 community survey at a high level. We do this for a fundamental reason: looking at the contributed data is looking into the past. AppSec researchers take time to find new vulnerabilities and new ways to test for them.
Applications and APIs using components with known vulnerabilities may undermine application defenses and enable various attacks and impacts.
Welcome to the OWASP Top 10 – 2017! This major update adds several new issues, including two issues selected by the community - A8:2017-Insecure Deserialization and A10:2017-Insufficient Logging and Monitoring.
The OWASP Top Ten is a standard awareness document for developers and web application security. It represents a broad consensus about the most critical security risks to web applications.