Great new projects at OWASP''' |+|
| || |
|−|; [[: Category: OWASP Encoding Project|OWASP Encoding Project]] |+|
| || |
|−|; [[:Category:OWASP WSFuzzer Project|OWASP WSFuzzer Project]] |+|
|−|: A fuzzing tool for Web Services to support penetration testing efforts | |
| || |
|−|; [ [:Category: OWASP Insecure Web App Project|OWASP Insecure Web App Project]] |+|
|−|: A realistic but insecure Java EE web application for use in learning and testing tools |+|
Revision as of 20:06, 16 November 2006
SANS and OWASP Partner to Add #1 Web Application Security to SANS Top 20
The SANS document is widely used, and we're extremely pleased that we could work with them to recognize the risks associated with web applications. From the document...
"Every week hundreds of vulnerabilities are being reported in these web applications, and are being actively exploited. The number of attempted attacks every day for some of the large web hosting farms range from hundreds of thousands to even millions. All web frameworks (PHP, .NET, J2EE, Ruby on Rails, ColdFusion, Perl, etc) and all types of web applications are at risk from web application security defects, ranging from insufficient validation through to application logic errors."