Andreas Engel - BizDev & Marketing Consulting
andreasengel.com
Thursday, February 14, 2008
  Handling Open Web Application Security
As market dynamics change, digital business is quickly becoming the method of choice for enterprises to offer products and services on demand to their markets. It builds on next-generation information infrastructures, with AJAX as an ideal partner to complement modern SOA architectures.

But moving applications to the Web also raises many questions about how to deal with security issues. OWASP is an open project and community that helps people make informed decisions about Web application security risks. In 2007 the most serious web application vulnerabilities (as PDF) were:
  1. Cross Site Scripting (XSS)
  2. Injection Flaws
  3. Malicious File Execution
  4. Insecure Direct Object Reference
  5. Cross Site Request Forgery (CSRF)
  6. Information Leakage and Improper Error Handling
  7. Broken Authentication and Session Management
  8. Insecure Cryptographic Storage
  9. Insecure Communications
  10. Failure to Restrict URL Access
For the most prevalent Web application frameworks, and especially for open source development, where open source software became the most prominent face of open source, the OWASP project is an excellent resource for staying informed and making decisions about application security.

The project also provides a comprehensive guide to building secure Web applications and Web services, along with many recommendations for project managers, application owners and, of course, C-level executives.
