New OWASP Top 10 Release Candidate Released for 2010!

OWASP has released a Release Candidate of a new version of the OWASP Top 10, just in time for 2010. A copy of this can be found here. OWASP periodically releases a Top 10 list of the ten most critical web application security risks. There were two new entries:

  • Security Misconfiguration was added at #6
  • Unvalidated Redirects and Forwards at #8

 

Removed were:

  • Malicious File Execution – Still a problem, but appears to be under control more than the other 10.
  • Information Leakage and Improper Error Handling – Also appears to be under some control compared to the rest of the top 10.

NOTE: Just because Malicious File Execution and Information Leakage and Improper Error Handling have been removed from the top 10 does not mean that they are not important to take care of. It just means they are better understood now and happen much less than they did in 2007.

For more information on the OWASP Top 10, visit OWASP at http://www.owasp.org.
