[Owasp-topten] Feedback on OWASP 2010 Top 10

McGovern, James F. (eBusiness) James.McGovern at thehartford.com
Wed Nov 18 09:24:30 EST 2009


 

A clear text ODBC connection between the mid-tier and back end would be
covered under A10 - Insufficient Transport Layer Protection  and should
be spelled out as one of the examples. Mention JDBC as well.

 

Since we are updating the OWASP Top Ten, may I assume that we could also
spend a little time synching up the OWASP Web Services Top Ten?
Likewise, since Cloud is becoming important, how about us proactively
announcing the creation of the OWASP Cloud Top Ten?

************************************************************
This communication, including attachments, is for the exclusive use of addressee and may contain proprietary, confidential and/or privileged information.  If you are not the intended recipient, any use, copying, disclosure, dissemination or distribution is strictly prohibited.  If you are not the intended recipient, please notify the sender immediately by return e-mail, delete this communication and destroy all copies.
************************************************************
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-topten/attachments/20091118/649e6c39/attachment-0001.html 


More information about the Owasp-topten mailing list