SWAT Top Ten: Conclusion


	Tuesday, May 21, 2013

	New Resources
	Combating Malware
	SafeDNS
	Phishing Archive
	Cloud Computing and Data Outsourcing
	Best Practices for Applications with Confidential University Data

	Security "Greatest Hits"
	Managing Passwords
	E-mail Harassment & Forgery
	Hoaxes, frauds & scams
	Spam
	Phishing
	Wireless Networking
	Encryption & digital signatures

	Best Practices
	Secure desktop computing
	Secure servers
	Secure data deletion
	Securing printers
	Tips for safe computing
	Computing policies

	More in-depth information for
	Local support providers
	System administrators

	Security initiatives
	Critical host compliance
	Authentication & authorization
	Penn Security & Privacy Assessment (SPIA)
	Security Liaisons (Restricted Access)
	Secure Share
	Secure Space
	Vulnerability Scanner

	Related links
	Electronic privacy
	PennKey
	Viruses
	Worms, trojans, backdoors

Top 10 Web Application Security Vulnerabilities

Based on OWASP Research

Conclusions

Web application security problems are as serious as network security problems, but have received considerably less attention to date. Attackers have begun to focus on web application security problems, and are actively developing tools and techniques for detecting and exploiting them. This Top Ten list is only a starting point for those flaws that represent the most serious risks to web application security.

Back: A10: Insecure Configuration Management



Information Systems and Computing University of Pennsylvania Comments & Questions