Cenzic provides software and SaaS products for Website security

OWASP Top 10 in 2010

OWASP Top 10 web application security risks in 2010

In April, OWASP announced its latest Top 10 Web Application Security Risks for 2010. Take a look at the table below to compare the old and new OWASP lists of top security risks.

| Old - 2007: OWASP Top 10 | New - 2010: OWASP Top 10 |
|---|---|
| A2: Injection Flaws | A1: Injection |
| A1: Cross-Site Scripting (XSS) | A2: Cross-Site Scripting (XSS) |
| A7: Broken Authentication and Session Management | A3: Broken Authentication and Session Management |
| A4: Insecure Direct Object References | A4: Insecure Direct Object References |
| A5: Cross-Site Request Forgery (CSRF) | A5: Cross-Site Request Forgery (CSRF) |
| Insecure Configuration Management | A6: Security Misconfiguration (New!) |
| A8: Insecure Cryptographic Storage | A7: Insecure Cryptographic Storage |
| A10: Failure to Restrict URL Access | A8: Failure to Restrict URL Access |
| A9: Insecure Communications | A9: Insufficient Transport Layer Protection |
| Not in 2007 | A10: Unvalidated Redirects and Forwards (New!) |
| A3: Malicious File Execution | Dropped in 2010 |
| A6: Information Leakage and Improper Error Handling | Dropped in 2010 |