[Owasp-Recife] Fwd: [Owasp-poa] OWASP Top 10 for 2013 is now Released

Carlo Marcelo Revoredo da Silva revoredo at gmail.com
Wed Jun 12 18:49:45 UTC 2013


---------- Forwarded message ----------
From: Jeronimo Zucco <jczucco at gmail.com>
Date: 2013/6/12
Subject: [Owasp-poa] OWASP Top 10 for 2013 is now Released
To: owasp-poa at lists.owasp.org


https://lists.owasp.org/pipermail/owasp-topten/2013-June/001154.html


Thanks to everyone for all your spirited debate on the process and contents
of the Top 10 for 2013. The project made many updates to the Top 10 for 2013
based on these comments and has also started to develop plans for
continuing to improve the process of producing future Top 10s. We did not
change any of the Top 10 2013 categories from what was proposed in the
release candidate but made numerous changes throughout based on detailed
feedback from many different contributors.

The OWASP Top 10 - 2013 is as follows:

A1 Injection
A2 Broken Authentication and Session Management
A3 Cross-Site Scripting (XSS)
A4 Insecure Direct Object References
A5 Security Misconfiguration
A6 Sensitive Data Exposure
A7 Missing Function Level Access Control
A8 Cross-Site Request Forgery (CSRF)
A9 Using Known Vulnerable Components
A10 Unvalidated Redirects and Forwards

The final release can be downloaded from the main project page at:
https://www.owasp.org/index.php/Top10

Or the Google Top 10 Project page at: https://code.google.com/p/owasptop10/

If you simply want to download the document immediately, it's available at:
http://owasptop10.googlecode.com/files/OWASP%20Top%2010%20-%202013.pdf

For all the Translators out there, the Translation Efforts tab on the Top 10
Project page at OWASP includes a link to the original PowerPoint document
that was used to produce the Top 10 for 2013. That tab also lists past
translator volunteers to help you find like-minded individuals who want to
help with translation efforts.

Thanks to everyone for their contributions to this important OWASP project!

-Dave

Dave Wichers
OWASP Top 10 Project Lead
OWASP Boardmember

-- 
Jeronimo Zucco
http://jczucco.blogspot.com
