From the course: CSSLP Cert Prep: 4 Secure Software Implementation


The OWASP Top 10: 6–10


- Knowing the OWASP top five web application security risks is a good start, but knowing all 10 is even better. Let's take a closer look at risks six through 10. The sixth risk in the OWASP Top 10 is Security Misconfiguration. OWASP takes the stance that securing your apps involves more than just writing secure code. Consider all the things you installed to make the app work. Did you install them correctly? This extends to the entire app infrastructure. It includes services on the host system, open network ports, and even how you configure your error messages. For example, you may have installed a TLS certificate to encrypt data in transit. Did you remember, though, to disable HTTP? If you did, then the web server will force all app traffic to pass over HTTPS. If not, users can bypass your encryption certificate and transmit data in plain text. The seventh risk in the OWASP Top 10 is Cross-Site Scripting. This risk…
