What is OWASP?

The Open Web Application Security Project (OWASP) is a 501(c)(3) worldwide not-for-profit charitable organization focused on improving the security of software. Our mission is to make software security visible, so that individuals and organizations worldwide can make informed decisions about true software security risks.

If you run a web server or web application, you should know the current attack trends and make sure your server and application are not exposed to these kinds of attacks.

The Open Web Application Security Project (OWASP) Top Ten Project

The OWASP Top 10 Web Application Security Risks for 2010 are:

    A1: Injection
    A2: Cross-Site Scripting (XSS)
    A3: Broken Authentication and Session Management
    A4: Insecure Direct Object References
    A5: Cross-Site Request Forgery (CSRF)
    A6: Security Misconfiguration
    A7: Insecure Cryptographic Storage
    A8: Failure to Restrict URL Access
    A9: Insufficient Transport Layer Protection
    A10: Unvalidated Redirects and Forwards