Saturday, June 21, 2014

Top ten security breaches , by OWASP

Recently a friend of mine took an interview as IT Architect. He was hammered with questions about top security breaches, and they are all listed here on the OWASP site.

  • Injection
  • Broken Authentication and Session Management
  • Cross-Site Scripting (XSS)
  • Insecure Direct Object References
  • Security Misconfiguration
  • Sensitive Data Exposure
  • Missing Function Level Access Control
  • Cross-Site Request Forgery (CSRF)
  • Using Components with Known Vulnerabilities
  • Unvalidated Redirects and Forwards

I found it very useful reading those wikis...

OWASP is a non-profit organization (Open Web Application Security Project) . I found it interesting that there are many women at its head.... men probably are too busy making money or hacking code...

No comments: