Sunday, April 27, 2014

What is the OWASP Top 10?


-----
The OWASP Foundation

The Open Web Application Security Project (OWASP) Foundation came online on December 1st 2001 it was established as a not-for-profit charitable organization in the United States on April 21, 2004 to ensure the ongoing availability and support for our work at OWASP. OWASP is an international organization and the OWASP Foundation supports OWASP efforts around the world. OWASP is an open community dedicated to enabling organizations to conceive, develop, acquire, operate, and maintain applications that can be trusted. All of the OWASP tools, documents, forums, and chapters are free and open to anyone interested in improving application security. We advocate approaching application security as a people, process, and technology problem because the most effective approaches to application security include improvements in all of these areas. We can be found at www.owasp.org.

OWASP is a new kind of organization. Our freedom from commercial pressures allows us to provide unbiased, practical, cost-effective information about application security. OWASP is not affiliated with any technology company, although we support the informed use of commercial security technology. Similar to many open-source software projects, OWASP produces many types of materials in a collaborative, open way. The OWASP Foundation is a not-for-profit entity that ensures the project's long-term success.
-----

The OWASP Top 10 provides:
A list of the 10 Most Critical Web Application Security Risks
And for each Risk it provides:
A description
Example vulnerabilities
Example attacks
Guidance on how to avoid
References to OWASP and other related resources

-----
Table of Contents
Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)