[Owasp-ireland] OWASP Top 10 - 2010 Final Release

fabio.e.cerullo at aib.ie fabio.e.cerullo at aib.ie
Mon Apr 19 08:40:34 EDT 2010

Dear all,

On April 19th, OWASP released the final version of the Top 10 for 2010. 
The OWASP Top Ten provides a powerful awareness document for web 
application security. This version was updated based on comments received 
during the comment period after the release candidate was released in Nov. 

Click here to download the OWASP Top 10 - 2010 Final Release.

The OWASP Top 10 Web Application Security Risks for 2010 are: 

A1: Injection 
A2: Cross-Site Scripting (XSS) 
A3: Broken Authentication and Session Management 
A4: Insecure Direct Object References 
A5: Cross-Site Request Forgery (CSRF) 
A6: Security Misconfiguration 
A7: Insecure Cryptographic Storage 
A8: Failure to Restrict URL Access 
A9: Insufficient Transport Layer Protection 
A10: Unvalidated Redirects and Forwards 

Please help us make sure every developer knows about the OWASP Top 10 by 
helping to spread the world!!! 

As you help us spread the word, please emphasize: 

- OWASP is reaching out to developers, not just the application security 
- The Top 10 is about managing risk, not just avoiding vulnerabilities. 
- To manage these risks, organizations need an application risk management 
program, not just awareness training, app testing, and remediation. 

Thank you,

Fabio Cerullo
Divisional Information Security 
Bankcentre D1, 
Dublin 4,

Tel: +353 1 772 6309
Email: fabio.e.cerullo at aib.ie

This document is strictly confidential and is intended for use by the addressee unless otherwise indicated.

This email has been scanned by an external email security system.

Allied Irish Banks

AIB and AIB Group are registered business names of Allied Irish Banks p.l.c. Allied Irish Banks, p.l.c. is regulated by the Financial Regulator.  Registered Office: Bankcentre, Ballsbridge, Dublin 4. Tel: + 353 1 6600311; Registered in Ireland: Registered No. 24173

Please consider the environment before printing this e-mail. 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-ireland/attachments/20100419/c9267cb5/attachment.html 

More information about the Owasp-ireland mailing list