The OWASP Top 10 Web Application Security Risks for 2010 are:

  • A1: Injection
  • A2: Cross-Site Scripting (XSS)
  • A3: Broken Authentication and Session Management
  • A4: Insecure Direct Object References
  • A5: Cross-Site Request Forgery (CSRF)
  • A6: Security Misconfiguration
  • A7: Insecure Cryptographic Storage
  • A8: Failure to Restrict URL Access
  • A9: Insufficient Transport Layer Protection
  • A10: Unvalidated Redirects and Forwards
Share
Related Documents
  1. OWASP Testing Guide (2763)
  2. Security Testing Reference : Cross-Site Scripting (XSS) (2319)
  3. Security Testing Reference : SQL Injection (2413)
  4. Using JTest for Security Testing (2324)
  5. [Ebook] Hacker Attack (2925)
  6. New Advanced SQL Injection For Advanced Security Testing (1937)
  7. [Ebook] Google Hacks : 2nd Edition (2726)
  8. Steps to do security testing (1877)
  9. How to Secure CXF Web Services with SSL/TLS and WS-Security (1750)
  10. Password Recovery for Security Testing (1573)
  11. [Ebook] Linux 101 Hacks (2998)
  12. [Free] Security Software Testing Suite (SSTS) : Application-based security testing (1898)
  13. Putting Security Into Your Virtual World (703)
  14. [Free] WebGoat : Security Testing Tool (2420)
  15. CGISecurity : Web Server and Application Database website (831)
  16. Web Security Testing Glossary (1878)
  17. [Free] Exploit-Me : Web application security testing tools (3704)
  18. Types of Web Security Testing? (1370)
  19. [Paid] Sunbelt Network Security Inspector : Network Vulnerability Assessment Scanning (1722)
  20. [Video] Software Security Testing: Strengthening Your Defense Strategy (974)