Posts

Showing posts from January, 2022

What is OWASP and what are the OWASP Top 10 vulnerabilities?

What Is OWASP?

OWASP, or the Open Web Application Security Project, is a nonprofit organization focused on software security. Their projects include a number of open-source software development programs and toolkits, local chapters and conferences, among other things. One of their projects is the maintenance of the OWASP Top 10, a list of the top 10 security risks faced by web applications.

OWASP Top 10 Vulnerabilities

So, what are the top 10 risks according to OWASP?

1. Injection

Injection occurs when an attacker exploits insecure code to insert (or inject) their own code into a program. Because the program is unable to distinguish code inserted in this way from its own code, attackers are able to use injection attacks to access secure areas and confidential information as though they are trusted users. Examples of injection include SQL injection, command injections, CRLF injections, and LDAP injections.

Application security testing can reveal injection flaws and suggest remedia