The Open Web Application Security Project (OWASP), an open-source application security project, has published a release candidate version of the OWASP Top 10 Project for comments and feedback. You can download it from http://www.owasp.org/images/0/0f/OWASP_T10_-_2010_rc1.pdf.
It was always perceived that the OWASP Top 10 is about the 10 most common weaknesses in web applications; this release makes it clear that the OWASP Top 10 Project is about the top 10 risks. As a result, OWASP reshuffled the order of the items on the list, since it is now based on the estimated risk instead of the frequency of the associated weakness.
In addition, there are two new items:
Please review and contribute your thoughts and comments.
Friday, November 20, 2009
Tuesday, November 10, 2009
Ubuntu 9.10 (nicknamed Karmic Koala) is out, and it has a number of security improvements (over the previous version) that I would like to highlight:
A full list of Ubuntu security features can be found at https://wiki.ubuntu.com/Security/Features.