[Owasp-topten] Feedback on OWASP 2010 Top 10 (Sec. Misconfig)

McGovern, James F. (eBusiness) James.McGovern at thehartford.com
Mon Nov 16 10:05:03 EST 2009


Any thoughts on:

- Business Logic Flaws: Not just about stealing credit card or other one
field attributes
- Bad Audit Practices: most folks don't get it right upfront and at
least should have the ability to use forensics after the fact. Mention
what should be in log



************************************************************
This communication, including attachments, is for the exclusive use of addressee and may contain proprietary, confidential and/or privileged information.  If you are not the intended recipient, any use, copying, disclosure, dissemination or distribution is strictly prohibited.  If you are not the intended recipient, please notify the sender immediately by return e-mail, delete this communication and destroy all copies.
************************************************************



More information about the Owasp-topten mailing list