OWASP TOP 10 2017

Application Security Risk 2017

The OWASP Top Ten has been updated; the 2017 list is as follows.

  1. A1:2017 – Injection
  2. A2:2017 – Broken Authentication
  3. A3:2017 – Sensitive Data Exposure
  4. A4:2017 – XML External Entities (XXE)
  5. A5:2017 – Broken Access Control
  6. A6:2017 – Security Misconfiguration
  7. A7:2017 – Cross-Site Scripting (XSS)
  8. A8:2017 – Insecure Deserialization
  9. A9:2017 – Using Components with Known Vulnerabilities
  10. A10:2017 – Insufficient Logging & Monitoring