SANS and OWASP Partner to Add #1 Web Application Security to SANS Top 20
The SANS document is widely used, and we're extremely pleased that we could work with them to recognize the risks associated with web applications. From the document...
"Every week hundreds of vulnerabilities are being reported in these web applications, and are being actively exploited. The number of attempted attacks every day for some of the large web hosting farms range from hundreds of thousands to even millions. All web frameworks (PHP, .NET, J2EE, Ruby on Rails, ColdFusion, Perl, etc) and all types of web applications are at risk from web application security defects, ranging from insufficient validation through to application logic errors."