Recently a friend of mine interviewed for an IT Architect position. He was hammered with questions about top security breaches, and they are all listed here on the OWASP site.
I found it very useful reading those wikis...
OWASP (Open Web Application Security Project) is a non-profit organization. I found it interesting that there are many women at its head... men probably are too busy making money or hacking code...
- Injection
- Broken Authentication and Session Management
- Cross-Site Scripting (XSS)
- Insecure Direct Object References
- Security Misconfiguration
- Sensitive Data Exposure
- Missing Function Level Access Control
- Cross-Site Request Forgery (CSRF)
- Using Components with Known Vulnerabilities
- Unvalidated Redirects and Forwards