Архив метки: security audit

OWASP Top 10 2017 RC2 Final has been published

A second release candidate for the list of Most Critical types of vulnerabilities/risks for Web Apps by version of OWASP, has been published recently on their GitHub space.

There was significant changes since the previous OWASP Top 10 2013 list: some threats are not so actual these days, but another ones arose (such as XML External Entity (XXE), Insecure Deserealization, and Insufficient Logging & Monitoring).

The RC2 has Final postfix in its name meaning the document is ready to review and investigation.

Читать далее