Abstract
Insecure software is undermining our financial, healthcare,
defense, energy, and other critical infrastructure. As our
digital infrastructure gets increasingly complex and
interconnected, the difficulty of achieving application
security increases exponentially. We can no longer afford to
tolerate relatively simple security problems like those
presented in this OWASP Top 10.
The goal of the Top 10 project is to raise awareness about
application security by identifying some of the most critical
risks facing organizations. The Top 10 project is referenced
by many standards, books, tools, and organizations, including
MITRE, PCI DSS, DISA, FTC, and many more. This release of
the OWASP Top 10 marks this project’s tenth anniversary of
raising awareness of the importance of application security
risks. The OWASP Top 10 was first released in 2003, with
minor updates in 2004 and 2007. The 2010 version was
revamped to prioritize by risk, not just prevalence. This 2013
edition follows the same approach.
Users
Please
log in to take part in the discussion (add own reviews or comments).