This post looks at three different lists of the top security threats in software. The lists come from the Open Web Application Security Projcect (OWASP), Common Weaknesses Enumeration(CWE), and the Department of Homeland Security. Although different threats show up in different positions among the lists, each list has SQL and OS injection at the top, along with cross site scripting towards the top. SQL injections are considered the most dangerous due to the ease of the attack, as well as the high frequency of attacks that occur online. To look further into each of these lists, please visit the sites below!
Department of Homeland Security:
http://www.informationweek.com/government/security/feds-identify-top-25-software-vulnerabil/231000504
Common Weaknesses Enumeration:
http://cwe.mitre.org/top25/#Listing
Open Web Application Security Project:
https://www.owasp.org/index.php/Category:OWASP_Top_Ten_Project
No comments:
Post a Comment