[Owasp-portuguese] Fwd: [Owasp-leaders] OWASP Top 10 for 2013 is now Released!!

Carlos Serrao carlos.serrao at owasp.org
Wed Jun 12 16:51:16 UTC 2013


Eu não tenho controlo direto disso, mas posso tentar saber se na OWASP me conseguem dizer!
Um abraço.

On Jun 12, 2013, at 5:50 PM, Paulo Silva <pauloasilva at gmail.com> wrote:

> Carlos,
> Consegues estatística de acesso (e download) da versão PT do anterior TOP10.
> A ideia era perceber se vale o esforço da tradução.
> 
> Abraço,
> 
> 
> On Wed, Jun 12, 2013 at 5:42 PM, Carlos Serrao <carlos.serrao at owasp.org> wrote:
> Caros membros,
> foi hoje lançada a nova versão do OWASP Top 10.
> 
> Cumprimentos,
> 
> Begin forwarded message:
> 
>> From: "Dave Wichers" <dave.wichers at owasp.org>
>> Subject: [Owasp-leaders] OWASP Top 10 for 2013 is now Released!!
>> Date: June 12, 2013 4:47:51 PM GMT+01:00
>> To: "'OWASP Leaders'" <owasp-leaders at lists.owasp.org>
>> 
>> The OWASP Top 10 project has updated and released the final version of the OWASP Top 10 for 2013 based on the feedback it received during the formal comment period.
>> 
>> 
>> The OWASP Top 10 for 2013 is as follows:
>> 
>> A1 Injection
>> 
>> A2 Broken Authentication and Session Management
>> 
>> A3 Cross-Site Scripting (XSS)
>> 
>> A4 Insecure Direct Object References
>> 
>> A5 Security Misconfiguration
>> 
>> A6 Sensitive Data Exposure
>> 
>> A7 Missing Function Level Access Control
>> 
>> A8 Cross-Site Request Forgery (CSRF)
>> 
>> A9 Using Known Vulnerable Components
>> 
>> A10 Unvalidated Redirects and Forwards
>> 
>> The final release can be downloaded from the main project page at:
>> 
>> https://www.owasp.org/index.php/Top10
>> 
>> Or the Google Top 10 Project page at: https://code.google.com/p/owasptop10/ 
>> 
>> If you simply want to download the document immediately, its available at:
>> 
>> http://owasptop10.googlecode.com/files/OWASP%20Top%2010%20-%202013.pdf
>> 
>> 
>> Thanks to everyone for their contributions to this important OWASP project!
>> 
>> Please spread the word to those organizations you are involved in to raise awareness of these issues, particularly the new and unfamiliar A9: Using Known Vulnerable Components. With the rapid increase in the pace of development and the tempo of issuing new releases, it's getting even more challenging to avoid introducing these risks in modern applications. This rapid development tempo is also encouraging the increased use of 3rd party as well as internally developed components, which have security issues just like any other software. That's why A9 was introduced, to raise awareness that developers need to make sure they are not continuing to use components with known vulnerabilities.
>> 
>> Thanks, Dave
>> 
>> Dave Wichers
>> 
>> OWASP Top 10 Project Lead
>> 
>> OWASP Boardmember
>> 
>> _______________________________________________
>> OWASP-Leaders mailing list
>> OWASP-Leaders at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
> 
> 	Carlos Serrão
> Chapter Leader @ OWASP at PT
> 
>               
> 
> 
> _______________________________________________
> Owasp-portuguese mailing list
> Owasp-portuguese at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-portuguese
> 
> 
> 
> 
> -- 
> Paulo A. Silva
> http://pauloasilva.com
> http://linkedin.com/in/devpauloasilva/

	Carlos Serrão
Chapter Leader @ OWASP at PT

              

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-portuguese/attachments/20130612/6dae3b0e/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4891 bytes
Desc: not available
URL: <http://lists.owasp.org/pipermail/owasp-portuguese/attachments/20130612/6dae3b0e/attachment.bin>


More information about the Owasp-portuguese mailing list