What is the OWASP Top 10, and – just as important – what is it not? In this review, we look at how you can make this critical risk report work for you and your organisation.
What is OWASP?
OWASP is the Open Web Application Security Project, an international non-profit organisation dedicated to improving web application security.
It operates on the core principle that all of its materials are freely available and easily accessible online, so that anyone anywhere can improve their own web app security. It offers a number of tools, videos, and forums to help you do this – but its best-known project is the OWASP Top 10.
The top 10 risks
The OWASP Top 10 outlines the most critical risks to web application security. Put together by a team of security experts from all over the world, the list is designed to raise awareness of the current security landscape and offer developers and security professionals invaluable insights into the latest and most widespread security risks.
It also includes a checklist and remediation advice that experts can fold into their own security practices and operations to minimise and/or mitigate the risk to their apps.