The Top 10 Web application security risks produced by OWASP is an evolving resource that helps organizations focus on the most prominent risks in web security today. Every few years we see a revision; the types of attacks we're witnessing change, the defenses change, and the risk and associated priority changes. OWASP adapts to this changing environment and recently made available the 2013 edition of the Top 10. This course is designed to help those who already have an awareness of the Top 10 understand what's new in the latest edition and how the landscape has changed in three short years. It also introduces the concept of "Risk Assessments" and provides further resources to help go beyond just the Top 10 risks.
Learning Objectives
- Risk Assessment
- What's Changed in the Top 10
- Additional Risks to Consider
Framework Connections
The materials within this course focus on the NICE Framework Task, Knowledge, and Skill statements identified within the indicated NICE Framework component(s):
Specialty Areas
- Exploitation Analysis
- Software Development
- Vulnerability Assessment and Management
Feedback
If you would like to provide feedback on this course, please e-mail the NICCS team at NICCS@hq.dhs.gov. Please keep in mind that NICCS does not own this course or accept payment for course entry. If you have questions related to the details of this course, such as cost, prerequisites, how to register, etc., please contact the course training provider directly. You can find course training provider contact information by following the link that says “Visit course page for more information...” on this page.