[Owasp-topten] 2013 A7 - Access Control

Dennis Groves dennis.groves at owasp.org
Fri Feb 15 21:00:54 UTC 2013


On 15 Feb 2013, at 20:55, Abbas Naderi wrote:

> Agree with this one, how about changing the title to "Using outdated 
> third-party software"?

Many companies are required to use outdated third party software. Either 
because they outsource that part of their application or network; or 
because the company doesn't feel the financial investment is worth it. 
After all most of the time it is like fixing the sink in the kitchen - 
before you know it the sink has become a kitchen remodel that cost 100 
times as much.

The real question is how do we advise those companies to mitigate or 
minimise the risks when they must use such software.

Dennis

-- 
[Dennis Groves](http://about.me/dennis.groves), MSc
[Email me](mailto:dennis.groves at owasp.org) or [schedule a 
meeting](http://goo.gl/8sPIy).

*This email is licensed under a [CC BY-ND 
3.0](http://creativecommons.org/licenses/by-nd/3.0/deed.en_GB) license.*

**Please do not send me Microsoft Office/Apple iWork documents.**
Send [OpenDocument](http://fsf.org/campaigns/opendocument/) instead!
Stand up for your freedom to install [free 
software](http://www.fsf.org/campaigns/secure-boot/statement).

> The idea that some lives matter less is the root of all that’s wrong 
> with the world. -- Paul Farmer


More information about the Owasp-topten mailing list