We’ll spend most of the rest of this book talking about web security vulnerabilities and principles, but just to whet your appetite for what’s to come, let’s start by getting familiar with the OWASP Top Ten List.
One of the most-respected authorities in the field of web application security is the organization OWASP, short for the Open Web Application Security Project. As its name implies, OWASP is an open-source project with the goal of improving web application security. (You can see a screenshot of the OWASP web site, Figure 1-3.), in
Figure 1-3 The OWASP web site
OWASP is basically a loose ...