Message to Web Developers: OWASP Top10 2010 is Out!

OWASP Top10 2010 If you are not aware of this news, OWASP released yesterday its annual Top-10 Web Application Vulnerability Risks. I won’t list them again here, lot of security bloggers already did it in the next hours following the official press release.

Instead, I checked if the news was also relayed by the developers. After all, there are the first concerned  people in this document! Personally, I follow some developer’s blogs, I also googled for some well-know blogs oriented to “web technologies” and I must admit that almost nobody is aware of the OWASP Top-10. Maybe are all the developers blocked in European airports trying to catch a flight to go home?

As security professionals, our daily goal is also to introduce some security awareness principles to our colleagues. I hoped that a well-known document released by OWASP (since 2003!) was already a bedside book for web developers. It seems not!

for(;;) {
    apply_security_awareness(&developers);
}

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.