May 23, 2010 Leave a comment
The Open Web Application Security Project (OWASP), an organization devoted to monitoring the state of security on the web, has recently released an updated report capturing the risks associated with the use of web applications
The top three risks are:
- SQL Injection–where hackers are able to use programming techniques to access the information stored in databases behind a website
- Cross-Site Scripting (XSS) – another technique where hackers are able to inject software code into a web application, and potentially gain access to sensitive information or cause it to behave in undesirable ways
- Broken Authentication and Session Management -a condition where hackers are able to exploit vulnerabilities in the web application to hijack user or administrative accounts
The report lists other security risks, adding up to ten in total. It is good to be aware that such risks exist out there, specially as more and more businesses put their valuable information on hosted or “cloud-based” web applications.