The OWASP Top 10

Since 2001, the OWASP Foundation has catalogued application security incidents and vulnerabilities.[54] Its member organizations contribute data from real attacks, so these are real lessons rather than “what-if-isms.” One way that OWASP promotes application security awareness is through its OWASP Top 10 list. It represents a consensus about the most critical web application security flaws, updated every three or four years. OWASP plans to release an updated and revised list in 2017. There’s still considerable debate, so the list here (based on “Release Candidate 1”) may not be the one that gets adopted. For that matter, it might actually turn out to be the 2018 update. It just goes to show that you can’t ever stop worrying about ...

Get Release It!, 2nd Edition now with the O’Reilly learning platform.
