This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "Germany/Projekte/Top 10-2017 Details zu den Risiko-Faktoren"
From OWASP
(Created Page) |
(Auswirkungen Geschäftl.: Daten- & Geschäfts-spezifisch) |
||
| Line 26: | Line 26: | ||
<td style="border: 3px solid #444444;"><b>{{Top_10:LanguageFile|text=appSpecific|language=de}}</b></td> | <td style="border: 3px solid #444444;"><b>{{Top_10:LanguageFile|text=appSpecific|language=de}}</b></td> | ||
{{Top_10-2017:SummaryTableTemplate|type=valueOnly|exploitability=3|prevalence=2|detectability=3|impact=3|language=de|year=2017}} | {{Top_10-2017:SummaryTableTemplate|type=valueOnly|exploitability=3|prevalence=2|detectability=3|impact=3|language=de|year=2017}} | ||
| − | <td style="border: 3px solid #444444"><b>{{Top_10:LanguageFile|text= | + | <td style="border: 3px solid #444444"><b>{{Top_10:LanguageFile|text=dataBusinessSpecific|language=de}}</b></td> |
<td style="border: 3px solid #444444"><b>8.0</b></td></tr> | <td style="border: 3px solid #444444"><b>8.0</b></td></tr> | ||
| Line 32: | Line 32: | ||
<td style="border: 3px solid #444444;"><b>{{Top_10:LanguageFile|text=appSpecific|language=de}}</b></td> | <td style="border: 3px solid #444444;"><b>{{Top_10:LanguageFile|text=appSpecific|language=de}}</b></td> | ||
{{Top_10-2017:SummaryTableTemplate|type=valueOnly|exploitability=3|prevalence=2|detectability=2|impact=3|language=de|year=2017}} | {{Top_10-2017:SummaryTableTemplate|type=valueOnly|exploitability=3|prevalence=2|detectability=2|impact=3|language=de|year=2017}} | ||
| − | <td style="border: 3px solid #444444"><b>{{Top_10:LanguageFile|text= | + | <td style="border: 3px solid #444444"><b>{{Top_10:LanguageFile|text=dataBusinessSpecific|language=de}}</b></td> |
<td style="border: 3px solid #444444"><b>7.0</b></td></tr> | <td style="border: 3px solid #444444"><b>7.0</b></td></tr> | ||
| Line 39: | Line 39: | ||
<td style="border: 3px solid #444444;"><b>{{Top_10:LanguageFile|text=appSpecific|language=de}}</b></td> | <td style="border: 3px solid #444444;"><b>{{Top_10:LanguageFile|text=appSpecific|language=de}}</b></td> | ||
{{Top_10-2017:SummaryTableTemplate|type=valueOnly|exploitability=2|prevalence=3|detectability=2|impact=3|language=de|year=2017}} | {{Top_10-2017:SummaryTableTemplate|type=valueOnly|exploitability=2|prevalence=3|detectability=2|impact=3|language=de|year=2017}} | ||
| − | <td style="border: 3px solid #444444"><b>{{Top_10:LanguageFile|text= | + | <td style="border: 3px solid #444444"><b>{{Top_10:LanguageFile|text=dataBusinessSpecific|language=de}}</b></td> |
<td style="border: 3px solid #444444"><b>7.0</b></td></tr> | <td style="border: 3px solid #444444"><b>7.0</b></td></tr> | ||
| Line 45: | Line 45: | ||
<td style="border: 3px solid #444444;"><b>{{Top_10:LanguageFile|text=appSpecific|language=de}}</b></td> | <td style="border: 3px solid #444444;"><b>{{Top_10:LanguageFile|text=appSpecific|language=de}}</b></td> | ||
{{Top_10-2017:SummaryTableTemplate|type=valueOnly|exploitability=2|prevalence=2|detectability=3|impact=3|language=de|year=2017}} | {{Top_10-2017:SummaryTableTemplate|type=valueOnly|exploitability=2|prevalence=2|detectability=3|impact=3|language=de|year=2017}} | ||
| − | <td style="border: 3px solid #444444"><b>{{Top_10:LanguageFile|text= | + | <td style="border: 3px solid #444444"><b>{{Top_10:LanguageFile|text=dataBusinessSpecific|language=de}}</b></td> |
<td style="border: 3px solid #444444"><b>7.0</b></td></tr> | <td style="border: 3px solid #444444"><b>7.0</b></td></tr> | ||
| Line 51: | Line 51: | ||
<td style="border: 3px solid #444444;"><b>{{Top_10:LanguageFile|text=appSpecific|language=de}}</b></td> | <td style="border: 3px solid #444444;"><b>{{Top_10:LanguageFile|text=appSpecific|language=de}}</b></td> | ||
{{Top_10-2017:SummaryTableTemplate|type=valueOnly|exploitability=2|prevalence=2|detectability=2|impact=3|language=de|year=2017}} | {{Top_10-2017:SummaryTableTemplate|type=valueOnly|exploitability=2|prevalence=2|detectability=2|impact=3|language=de|year=2017}} | ||
| − | <td style="border: 3px solid #444444"><b>{{Top_10:LanguageFile|text= | + | <td style="border: 3px solid #444444"><b>{{Top_10:LanguageFile|text=dataBusinessSpecific|language=de}}</b></td> |
<td style="border: 3px solid #444444"><b>6.0</b></td></tr> | <td style="border: 3px solid #444444"><b>6.0</b></td></tr> | ||
| Line 57: | Line 57: | ||
<td style="border: 3px solid #444444;"><b>{{Top_10:LanguageFile|text=appSpecific|language=de}}</b></td> | <td style="border: 3px solid #444444;"><b>{{Top_10:LanguageFile|text=appSpecific|language=de}}</b></td> | ||
{{Top_10-2017:SummaryTableTemplate|type=valueOnly|exploitability=3|prevalence=3|detectability=3|impact=2|language=de|year=2017}} | {{Top_10-2017:SummaryTableTemplate|type=valueOnly|exploitability=3|prevalence=3|detectability=3|impact=2|language=de|year=2017}} | ||
| − | <td style="border: 3px solid #444444"><b>{{Top_10:LanguageFile|text= | + | <td style="border: 3px solid #444444"><b>{{Top_10:LanguageFile|text=dataBusinessSpecific|language=de}}</b></td> |
<td style="border: 3px solid #444444"><b>6.0</b></td></tr> | <td style="border: 3px solid #444444"><b>6.0</b></td></tr> | ||
| Line 63: | Line 63: | ||
<td style="border: 3px solid #444444;"><b>{{Top_10:LanguageFile|text=appSpecific|language=de}}</b></td> | <td style="border: 3px solid #444444;"><b>{{Top_10:LanguageFile|text=appSpecific|language=de}}</b></td> | ||
{{Top_10-2017:SummaryTableTemplate|type=valueOnly|exploitability=3|prevalence=3|detectability=3|impact=2|language=de|year=2017}} | {{Top_10-2017:SummaryTableTemplate|type=valueOnly|exploitability=3|prevalence=3|detectability=3|impact=2|language=de|year=2017}} | ||
| − | <td style="border: 3px solid #444444"><b>{{Top_10:LanguageFile|text= | + | <td style="border: 3px solid #444444"><b>{{Top_10:LanguageFile|text=dataBusinessSpecific|language=de}}</b></td> |
<td style="border: 3px solid #444444"><b>6.0</b></td></tr> | <td style="border: 3px solid #444444"><b>6.0</b></td></tr> | ||
| Line 69: | Line 69: | ||
<td style="border: 3px solid #444444;"><b>{{Top_10:LanguageFile|text=appSpecific|language=de}}</b></td> | <td style="border: 3px solid #444444;"><b>{{Top_10:LanguageFile|text=appSpecific|language=de}}</b></td> | ||
{{Top_10-2017:SummaryTableTemplate|type=valueOnly|exploitability=1|prevalence=2|detectability=2|impact=3|language=de|year=2017}} | {{Top_10-2017:SummaryTableTemplate|type=valueOnly|exploitability=1|prevalence=2|detectability=2|impact=3|language=de|year=2017}} | ||
| − | <td style="border: 3px solid #444444"><b>{{Top_10:LanguageFile|text= | + | <td style="border: 3px solid #444444"><b>{{Top_10:LanguageFile|text=dataBusinessSpecific|language=de}}</b></td> |
<td style="border: 3px solid #444444"><b>5.0</b></td></tr> | <td style="border: 3px solid #444444"><b>5.0</b></td></tr> | ||
| Line 75: | Line 75: | ||
<td style="border: 3px solid #444444;"><b>{{Top_10:LanguageFile|text=appSpecific|language=de}}</b></td> | <td style="border: 3px solid #444444;"><b>{{Top_10:LanguageFile|text=appSpecific|language=de}}</b></td> | ||
{{Top_10-2017:SummaryTableTemplate|type=valueOnly|exploitability=2|prevalence=3|detectability=2|impact=2|language=de|year=2017}} | {{Top_10-2017:SummaryTableTemplate|type=valueOnly|exploitability=2|prevalence=3|detectability=2|impact=2|language=de|year=2017}} | ||
| − | <td style="border: 3px solid #444444"><b>{{Top_10:LanguageFile|text= | + | <td style="border: 3px solid #444444"><b>{{Top_10:LanguageFile|text=dataBusinessSpecific|language=de}}</b></td> |
<td style="border: 3px solid #444444"><b>4.7</b></td></tr> | <td style="border: 3px solid #444444"><b>4.7</b></td></tr> | ||
| Line 81: | Line 81: | ||
<td style="border: 3px solid #444444;"><b>{{Top_10:LanguageFile|text=appSpecific|language=de}}</b></td> | <td style="border: 3px solid #444444;"><b>{{Top_10:LanguageFile|text=appSpecific|language=de}}</b></td> | ||
{{Top_10-2017:SummaryTableTemplate|type=valueOnly|exploitability=2|prevalence=3|detectability=1|impact=2|language=de|year=2017}} | {{Top_10-2017:SummaryTableTemplate|type=valueOnly|exploitability=2|prevalence=3|detectability=1|impact=2|language=de|year=2017}} | ||
| − | <td style="border: 3px solid #444444"><b>{{Top_10:LanguageFile|text= | + | <td style="border: 3px solid #444444"><b>{{Top_10:LanguageFile|text=dataBusinessSpecific|language=de}}</b></td> |
<td style="border: 3px solid #444444"><b>4.0</b></td></tr> | <td style="border: 3px solid #444444"><b>4.0</b></td></tr> | ||
</table></center> <!-- End risk table --> | </table></center> <!-- End risk table --> | ||
Latest revision as of 22:14, 18 December 2018
==BAUSTELLE! Hier entsteht das deutsche Wiki der OWASP Top 10-2017==
==Bitte benutzen Sie die PDF Version.==
|
Zusammenfassung der Top 10 Risiko-Faktoren
Die folgende Tabelle stellt eine Zusammenfassung der Top 10 Risiken für die Anwendungssicherheit in der Version des Jahres 2017 und der dazugehörigen Risiko-Faktoren dar. Diese Faktoren wurden durch verfügbare Statistiken und die Erfahrung des OWASP-Teams bestimmt. Um diese Risiken für eine bestimmte Anwendung oder Organisation zu verstehen, muss der Leser seine eigenen, spezifischen Bedrohungsquellen und Auswirkungen auf sein Unternehmen betrachten. Selbst eklatante Software-Schwachstellen müssen nicht zwangsläufig ein ernsthaftes Risiko darstellen, wenn es z.B. keine Bedrohungsquellen gibt, die den notwendigen Angriff ausführen können oder die tatsächlichen Auswirkungen auf das Unternehmen und die Geschäftsprozesse zu vernachlässigen sind.
| |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
Weitere Risiken, die man prüfen sollte
Auch wenn die Top 10 bereits sehr viele Problemfelder abdecken, so gibt es dennoch weitere Risiken, die man in Betracht ziehen und im jeweiligen Unternehmen oder der Organisation evaluieren sollte. Einige waren schon in früheren Versionen der OWASP Top 10 enthalten, andere nicht - wie z.B. neue Angriffstechniken. Diese werden permanent gesucht, gefunden und weiter entwickelt. Andere wichtige Sicherheitsrisiken für Anwendungen, die man sich ebenfalls näher ansehen sollte, sind (sortiert nach CVE-ID):
| |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
