TechEcho

westurnerover 5 years ago

"OWASP Top 10 Most Critical Web Application Security Risks" <a href="https://www.owasp.org/index.php/Category:OWASP_Top_Ten_Project" rel="nofollow">https://www.owasp.org/index.php/Category:OWASP_Top_Ten_Proje...</a><p>> <i>A1:2017-Injection, A2:2017-Broken Authentication, A3:2017-Sensitive Data Exposure, A4:2017-XML External Entities (XXE), A5:2017-Broken Access Control, A6:2017-Security Misconfiguration, A7:2017-Cross-Site Scripting (XSS), A8:2017-Insecure Deserialization, A9:2017-Using Components with Known Vulnerabilities, A10:2017-Insufficient Logging&Monitoring</i><p>"OWASP Top 10 compared to SANS CWE 25" <a href="https://www.templarbit.com/blog/2018/02/08/owasp-top-10-vs-sans-cwe-25/" rel="nofollow">https://www.templarbit.com/blog/2018/02/08/owasp-top-10-vs-s...</a>

fulafelover 5 years ago

Robust confidentiality against traffic analysis is one.

评论 #20793985 未加载

codegladiatorover 5 years ago

Do you mean like credit card number ?

评论 #20793996 未加载

Ask HN: What's the hardest thing to secure in a web-app?

3 comments

Ask HN: What's the hardest thing to secure in a web-app?

3 comments