Tuesday, November 25, 2008

Top 10 Web Application Security Vulnerabilities

If you are developing web applications, and don't know the meaning of and how to prevent the following 10 security threats, OWASP Top 10 is good reading material.
  • Cross Site Scripting (XSS)
  • Injection Flaws
  • Malicious File Execution
  • Insecure Direct Object Reference
  • Cross Site Request Forgery
  • Information Leakage and Improper Error Handling
  • Broken Authentication and Session Management
  • Insecure Cryptographic Storage
  • Insecure Communications
  • Failure to Restrict URL Access