OWASP Top 10 2007

Most developers who use Microsoft developer tools and technologies will tell you that if you're looking for developer resources, just go to msdn online. Well not everyone uses Microsoft developer tools and technologies. This is where the Open Web Application Security Project (OWASP) comes in. When folks are looking for application software security guidance, they'll go to an online community such as OWASP. OWASP provides straightforward information so that folks can make informed decisions on the state of their application security whether you're working in .NET, Java, or PHP.

So be sure to check out OWASP, and especially their top 10 list for web application vulnerabilities at https://www.owasp.org/index.php/Top_10_2007 .

Comments

• Anonymous
  May 17, 2008
  Hi George, I caught your blog post and wanted to let you know that OWASP is putting some attention into the OWASP .NET project.  I've volunteered to lead it and make sure we provide useful information to the community.  If you're interested, or anyone reading this is interested, we're always looking for contributors to the project, either writing useful stuff or coding useful projects.  Stop by http://www.owasp.org/index.php/.NET_Project_ReOrg_Alpha to see where we plan to go in the next couple of months.   Thanks for support of OWASP in general. Mark Roxberry OWASP .NET Project Leader

• Anonymous
  May 19, 2008
  Hi Mark - That's awesome. I'm working with Bryan Sullivan and Katiemo to ensure we get community engagement for addressing security issues that developers face everyday.