The OWASP Top 10 Web Application Security Risks for 2010 are:

  • A1: Injection
  • A2: Cross-Site Scripting (XSS)
  • A3: Broken Authentication and Session Management
  • A4: Insecure Direct Object References
  • A5: Cross-Site Request Forgery (CSRF)
  • A6: Security Misconfiguration
  • A7: Insecure Cryptographic Storage
  • A8: Failure to Restrict URL Access
  • A9: Insufficient Transport Layer Protection
  • A10: Unvalidated Redirects and Forwards