Wednesday, November 18, 2009

OWASP Releases 2010 - Top 10 Web Application Security Risks

OWASP (Open Web Application Security Project) released the preliminary version of the Top 10 Web Application Security Risks in a Request for Comment format.

According to OWASP they plan "to release the final public release of the OWASP Top 10 -2010 during the first quarter of 2010 after a final, one-month public comment period ending December 31, 2009. This release of the OWASP Top 10 marks this project’s eighth year of raising awareness of the importance of application security risks. This release has been significantly revised to clarify the focus on risk. To do this, we’ve detailed the threats, attacks, weaknesses, security controls, technical impacts, and business impacts associated with each risk. By adopting this approach, we hope to provide a model for how organizations can think beyond the ten risks here and figure out the most important risks that their applications create for their business."

The full document can be found on the
OWASP web site.

The OWASP Top Ten has been a key driver in improving the security of Web applications across many industries. If you have any questions please ask Arthur, who is an active OWASP member.

No comments:

Post a Comment