Top ten security breaches , by OWASP

Recently a friend of mine took an interview as IT Architect. He was hammered with questions about top security breaches, and they are all listed here on the OWASP site.

• Injection
• Broken Authentication and Session Management
• Cross-Site Scripting (XSS)
• Insecure Direct Object References
• Security Misconfiguration
• Sensitive Data Exposure
• Missing Function Level Access Control
• Cross-Site Request Forgery (CSRF)
• Using Components with Known Vulnerabilities
• Unvalidated Redirects and Forwards

I found it very useful reading those wikis...

OWASP is a non-profit organization (Open Web Application Security Project) . I found it interesting that there are many women at its head.... men probably are too busy making money or hacking code...