The OWASP Top 10 Web Application Security Risks for 2010 are:

  • A1: Injection
  • A2: Cross-Site Scripting (XSS)
  • A3: Broken Authentication and Session Management
  • A4: Insecure Direct Object References
  • A5: Cross-Site Request Forgery (CSRF)
  • A6: Security Misconfiguration
  • A7: Insecure Cryptographic Storage
  • A8: Failure to Restrict URL Access
  • A9: Insufficient Transport Layer Protection
  • A10: Unvalidated Redirects and Forwards
Share
Related Documents
  1. OWASP Testing Guide (2758)
  2. Security Testing Reference : Cross-Site Scripting (XSS) (2316)
  3. Security Testing Reference : SQL Injection (2410)
  4. Using JTest for Security Testing (2314)
  5. [Ebook] Hacker Attack (2904)
  6. New Advanced SQL Injection For Advanced Security Testing (1934)
  7. [Ebook] Google Hacks : 2nd Edition (2710)
  8. Steps to do security testing (1870)
  9. How to Secure CXF Web Services with SSL/TLS and WS-Security (1743)
  10. Password Recovery for Security Testing (1573)
  11. [Ebook] Linux 101 Hacks (2964)
  12. [Free] Security Software Testing Suite (SSTS) : Application-based security testing (1897)
  13. Putting Security Into Your Virtual World (703)
  14. [Free] WebGoat : Security Testing Tool (2412)
  15. CGISecurity : Web Server and Application Database website (828)
  16. Web Security Testing Glossary (1876)
  17. [Free] Exploit-Me : Web application security testing tools (3690)
  18. Types of Web Security Testing? (1334)
  19. [Paid] Sunbelt Network Security Inspector : Network Vulnerability Assessment Scanning (1720)
  20. [Video] Software Security Testing: Strengthening Your Defense Strategy (970)