Every three years, the Open Web Application Security Project (OWASP) updates its list of the top 10 most critical Web application security flaws. This list changes little from one iteration to the next; the same issues crop up repeatedly because enterprises consistently fail to address common Web application security flaws. Exploitation methods against these flaws have become so rampant that the criminals who build automated exploit toolkits include these methods in their kits, enabling less sophisticated cybercriminals to seek out and exploit Web app vulnerabilities.
This Search Security slideshow, based on advice from application security expert Michael Cobb, explores five common Web application vulnerabilities from the OWASP top 10 list. He explains how each vulnerability surfaces in a Web application and how a criminal could potentially exploit it, and provides mitigations for enterprises that have not yet remediated these Web app flaws.