On April 19, 2010 OWASP released the final version of the OWASP Top 10 for 2010, and here is the associated press release.
The OWASP Top 10 Web Application Security Risks for 2010 are:
A1: Injection
A2: Cross-Site Scripting (XSS)
A3: Broken Authentication and Session Management
A4: Insecure Direct Object References
A5: Cross-Site Request Forgery (CSRF)
A6: Security Misconfiguration
A7: Insecure Cryptographic Storage
A8: Failure to Restrict URL Access
A9: Insufficient Transport Layer Protection
A10: Unvalidated Redirects and Forwards
Now u must use those risks in PCI DSS and PA-DSS compliance assessments .
Подписаться на:
Комментарии к сообщению (Atom)
Комментариев нет:
Отправить комментарий