OWASP Top 10 Project 2013 published

The Open Web Application Security Project (OWASP) is an open community dedicated to enabling organizations to develop, purchase, and maintain applications that can be trusted. The goal of the Top 10 project is to raise awareness about application security by identifying some of the most critical risks facing organizations.

As a leading security software vendor, Avira is fully committed to supporting, implementing and spreading the word about how to make software more secure.

The OWASP Top 10 for 2013 is now officially released as of June 12, 2013.

The OWASP Top 10 2013 is available as a PDF document and as a wiki version.



(Source: OWASP Top 10)

The OWASP Top 10 – 2013 is as follows:

  • A1 Injection
  • A2 Broken Authentication and Session Management
  • A3 Cross-Site Scripting (XSS)
  • A4 Insecure Direct Object References
  • A5 Security Misconfiguration
  • A6 Sensitive Data Exposure
  • A7 Missing Function Level Access Control
  • A8 Cross-Site Request Forgery (CSRF)
  • A9 Using Known Vulnerable Components
  • A10 Unvalidated Redirects and Forwards


The top list is just a short list. Don’t stop at 10.

There are hundreds of issues that could affect the overall security of a web application as discussed in the OWASP Developer’s Guide and the OWASP Cheat Sheet Series. These are essential reading for anyone developing web applications. Guidance on how to effectively find vulnerabilities in web applications is provided in the OWASP Testing Guide and the OWASP Code Review Guide.


Sorin Mustaca

IT Security Expert


via Avira – TechBlog http://techblog.avira.com/2013/06/14/owasp-top-10-project-2013-published/en/


About the Author

Sorin Mustaca, (ISC)2 CSSLP, CompTIA Security+ and Project+, has worked in the IT security industry for over 20 years. Between 2003 and 2014 he worked for Avira as Product Manager for the known products used by over 100 million users worldwide. Today he is CEO and owner of Endpoint Cybersecurity GmbH, focusing on cybersecurity, secure software development and security for IoT and automotive. He also runs his personal blog, Sorin Mustaca on Cybersecurity, and is the author of the free eBook Improve your security.
