This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

OWASP Education Material Categorized/OWASP Top Ten

From OWASP
Jump to: navigation, search

OWASP Top Ten

The OWASP Top Ten represents a broad consensus about what the most critical web application security flaws are. Project members include a variety of security experts from around the world who have shared their expertise to produce this list. There are currently versions in English, French, Japanese, Korean and Turkish. A Spanish version is in the works. We urge all companies to adopt this awareness document within their organization and start the process of ensuring that their web applications do not contain these flaws. Adopting the OWASP Top Ten is perhaps the most effective first step towards changing the software development culture within your organization into one that produces secure code.

A1 - Cross Site Scripting (XSS)

Presentation
  • training material
Video's
  • training video

A2 - Injection Flaws

Presentation
  • training material
Video's
  • training video

A3 - Malicious File Execution

Presentation
  • training material
Video's
  • training video

A4 - Insecure Direct Object Reference

Presentation
  • training material
Video's
  • training video

A5 - Cross Site Request Forgery (CSRF)

Presentation
  • training material
Video's
  • training video

A6 - Information Leakage and Improper Error Handling

Presentation
  • training material
Video's
  • training video

A7 - Broken Authentication and Session Management

Presentation
  • training material
Video's
  • training video

A8 - Insecure Cryptographic Storage

Presentation
  • training material
Video's
  • training video

A9 - Insecure Communications

Presentation
  • training material
Video's
  • training video

A10 - Failure to Restrict URL Access

Presentation
  • training material
Video's
  • training video