Additional Web Threats Not in the Top 10

The OWASP Top 10 threat list may not include all of the threats to a website. The following sections detail some additional threats that are not on the OWASP list, although they may have been in the past, and that remain a threat.

Information Leakage and Improper Error Handling

When an error occurs, whether related to the network, operating system, or a web application, error logs are generated to help programmers isolate the cause and work toward preventing the error in the future. Many error messages are designed to be thorough and include as much information as possible to help troubleshooters. Unfortunately, error messages are not always secured, and an attacker can exploit the information provided within ...
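The following added example (not from the book) contrasts a handler that returns the full error text to the client with one that keeps the detail in a server-side log and returns only a generic message and a reference ID. The backend call, query text, file path, and function names are constructed for illustration.

```python
import logging
import traceback
import uuid

log = logging.getLogger("app.errors")  # server-side log, never sent to clients


def lookup_account(account_id):
    """Constructed failing backend call; the query and path are made up."""
    raise RuntimeError(
        "query failed: SELECT * FROM accounts WHERE id=%r "
        "(db=/srv/app/data/prod.sqlite)" % account_id
    )


def verbose_handler(account_id):
    """Weak pattern: the full traceback becomes the response body."""
    try:
        return 200, lookup_account(account_id)
    except Exception:
        return 500, traceback.format_exc()


def hardened_handler(account_id):
    """Detail goes to the server log; the client gets a generic message."""
    try:
        return 200, lookup_account(account_id)
    except Exception:
        # The reference ID lets support staff find the matching log entry.
        incident = uuid.uuid4().hex[:12]
        log.exception("incident=%s account_id=%r", incident, account_id)
        return 500, "An internal error occurred. Reference: %s" % incident


def leaked_details(body):
    """List which internal details of the constructed error appear in a body."""
    markers = ("Traceback", "SELECT", "/srv/app", "lookup_account")
    return [m for m in markers if m in body]


if __name__ == "__main__":
    logging.basicConfig(level=logging.ERROR)
    for handler in (verbose_handler, hardened_handler):
        status, body = handler(42)
        print(handler.__name__, status, leaked_details(body))
```

The same `leaked_details` check can be run over captured responses in a test suite to catch handlers that start returning stack traces or query text.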
