SWAT Top Ten: Conclusion


	Wednesday, November 25, 2009

	Security "Greatest Hits"
	Managing Passwords
	E-mail Harassment & Forgery
	Hoaxes, frauds & scams
	Spam
	Phishing
	Wireless Networking
	Encryption & digital signatures

	Best Practices
	Secure desktop computing
	Secure servers
	Secure web applications
	Secure web development
	Secure data deletion
	Tips for safe computing
	Computing policies

	More in-depth information for
	Local support providers
	System administrators
	Application developers

	Security initiatives
	Critical host compliance
	Authentication & authorization
	Penn Security & Privacy Assessment (SPIA)
	Security Liaisons (Restricted Access)
	Secure Share
	NeXpose Vulnerability Scanner

	Related links
	Electronic privacy
	PennKey
	Viruses
	Worms, trojans, backdoors

Top 10 Web Application Security Vulnerabilities

Based on OWASP Research

Conclusions

Web application security problems are as serious as network security problems, but have received considerably less attention to date. Attackers have begun to focus on web application security problems, and are actively developing tools and techniques for detecting and exploiting them. This Top Ten list is only a starting point for those flaws that represent the most serious risks to web application security.

Back: A10: Insecure Configuration Management



Information Systems and Computing University of Pennsylvania Comments & Questions