The OWASP Top Ten (T10) has been a powerful web application security awareness tool since its inception in 2003. The T10 represents a consensus of the most critical web application security risks and therefore has become the de facto baseline minimum for application security compliance within organizations around the world, as well as a solid measure for secure coding standards.
OWASP releases an updated Top Ten every few years and has recently published their release candidate for 2017. In this talk, we’re going to do a quick-fire walkthrough of the OWASP Top Ten 2017 rc1. We’ll discuss what has changed since 2013 and review of each risk, example vulnerabilities, and how to avoid them.
This presentation will provide you with an excellent starting point for ensuring that your custom module development addresses the most prevalent and critical security risks applications will face in 2017.