
BCS Level 3 Award in Coding and Logic

The document discusses the OWASP Top 10 project which publishes a list of the top 10 web application security risks worldwide. It aims to enhance web application security and enable organizations to develop trusted applications. The top risks are rated based on factors like exploitability, prevalence, detectability, and impact with the most serious listed at the top. Common hacking techniques targeting web servers include denial of service, leakage, cross-site scripting, and SQL injection. While SSL/TLS certificates provide encryption, they do not prevent level 7 attacks that traditional firewalls cannot detect.

Uploaded by

abdul shahid
OWASP Top 10

• The Open Web Application Security Project (OWASP) is an international organization dedicated to enhancing the security of web applications. As part of its mission, OWASP sponsors numerous security-related projects, one of the most popular being the Top 10 Project.
• This project publishes a list of what it considers the current top 10 web application security risks worldwide.
• OWASP is an open community dedicated to enabling organizations to develop, purchase, and maintain applications that can be trusted.

Figure 3. OWASP Risk Rating Methodology


OWASP Top 10

• A majority of the attacks against web servers pass through network firewalls and through the HTTP (80) or HTTPS (443) ports. Some of the most commonly used hacking techniques include denial of service, leakage, cross-site scripting, SQL injection and disclosure.

The Vulnerability of Web Applications

Many people assume that the presence of a certificate on a web server means that the web server will create encryption, that there will be a tunnel from the user's PC to the web server, and that their transactions will be safe. In fact, it actually makes the web server less safe, because traditional firewalls do not detect Level 7 (application-layer) attacks.
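
The point above, that a port-based firewall passes anything addressed to port 80 or 443 while the attack itself sits in the application-layer request, is shown here as an added Python example that is not part of the original slides. The sample requests, the signature patterns and all function names are constructed for illustration, and the request lines are shown as the web server sees them after TLS decryption.

```python
import re
from urllib.parse import parse_qsl, urlsplit

# Constructed sample traffic: (destination port, HTTP request line)
SAMPLE_REQUESTS = [
    (443, "GET /products?id=42 HTTP/1.1"),
    (443, "GET /products?id=42%27%20OR%20%271%27%3D%271 HTTP/1.1"),
    (80, "GET /search?q=%3Cscript%3Ealert(1)%3C%2Fscript%3E HTTP/1.1"),
    (23, "GET /index.html HTTP/1.1"),
]

ALLOWED_PORTS = {80, 443}

# Deliberately small, illustrative signatures; a real rule set is far larger.
L7_SIGNATURES = {
    "sql_injection": re.compile(r"['\"]\s*(?:or|and)\s+.+=|union\s+select", re.I),
    "cross_site_scripting": re.compile(r"<\s*script\b|javascript:", re.I),
}

def port_firewall_allows(dst_port):
    """Layer 3/4 decision: only the destination port is examined."""
    return dst_port in ALLOWED_PORTS

def inspect_layer7(request_line):
    """Layer 7 decision: decode the query string and match each value."""
    parts = request_line.split(" ")
    if len(parts) != 3:
        return ["malformed_request_line"]
    findings = []
    query = urlsplit(parts[1]).query
    for _name, value in parse_qsl(query, keep_blank_values=True):
        for label, pattern in L7_SIGNATURES.items():
            if pattern.search(value) and label not in findings:
                findings.append(label)
    return findings

def evaluate(requests):
    """Return (port, allowed_by_port_filter, layer7_findings) per request."""
    results = []
    for port, line in requests:
        allowed = port_firewall_allows(port)
        findings = inspect_layer7(line) if allowed else []
        results.append((port, allowed, findings))
    return results

if __name__ == "__main__":
    for port, allowed, findings in evaluate(SAMPLE_REQUESTS):
        print(port, "ALLOW" if allowed else "DROP", findings or "clean")
```

The port filter admits the first three requests identically; only the content check separates the benign request from the two that carry injection and scripting payloads.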

OWASP Top Ten Risk Rating

Risks are rated according to Exploitability, Prevalence, Detectability, and Impact. Risks are listed in the order of seriousness, from the top to the bottom of the chart.
