BCS Level 3 Award in Coding and Logic

OWASP Top 10

• The Open Web Application Security Project (OWASP) is an international organization dedicated to enhancing the security of web applications. As part of its mission, OWASP sponsors numerous security-related projects, one of the most popular being the Top 10 Project.
• This project publishes a list of what it considers the current top 10 web application security risks worldwide.
• OWASP is an open community dedicated to enabling organizations to develop, purchase, and maintain applications that can be trusted.

Figure 3. OWASP Risk Rating Methodology


OWASP Top 10

• A majority of the attacks against web servers pass through network firewalls and through the HTTP (80) or HTTPS (443) ports. Some of the most commonly used hacking techniques include denial of service, leakage, cross-site scripting, SQL injection and disclosure.

The Vulnerability of Web Applications

Many people assume that the presence of a certificate on a web server means that the web server will encrypt traffic, that there will be a tunnel from the user’s PC to the web server, and that their transactions will be safe. In fact, it actually makes the web server less safe, because traditional firewalls do not detect Level 7 attacks.

OWASP Top Ten Risk Rating

Risks are rated according to Exploitability, Prevalence, Detectability, and Impact. Risks are listed in the order of seriousness, from the top to the bottom of the chart.
