The OWASP Top 10 Web Application Security Risks for 2010 are:

  • A1: Injection
  • A2: Cross-Site Scripting (XSS)
  • A3: Broken Authentication and Session Management
  • A4: Insecure Direct Object References
  • A5: Cross-Site Request Forgery (CSRF)
  • A6: Security Misconfiguration
  • A7: Insecure Cryptographic Storage
  • A8: Failure to Restrict URL Access
  • A9: Insufficient Transport Layer Protection
  • A10: Unvalidated Redirects and Forwards