May 26, 2012 - 23:53 UTC - Tags: OWASP JavaScript Security
The OWASP Top 10 is a risk focused list of the top 10 most critical web application security risk.
The background for this series is applications that make heavy use of javascript. Typically they will be single page apps, where the page is a static HTML with no user data, and user data is loaded using json-based services, and the client side logic is implemented using frameworks like backbone.js.
- A1 - Injection
- A2 - Cross Site Scripting (XSS)
- A3 - Broken Authentication and Session Management
- A4 - Insecure Direct Object References
- A5 - Cross Site Request Forgery (CSRF)
- A6 - Security Misconfiguration
- A7 - Insecure Cryptographic Storage
- A8 - Failure to Restrict URL Access
- A9 - Insufficient Transport Layer Protection
- A10 - Unvalidated Redirects and Forwards
This series is inspired by Troy Hunt's excellent series on OWASP Top 10 for .NET. This page will serve as an index for the upcoming posts.
Missing anything?Contact me on twitter and I'll be happy to add (with attribution).
About Erlend
Security guy with some thoughts on secure development.
Tag cloud
Categories
Blogroll
