from the how-come-letterman-never-reads-these-on-air? dept.
hypnosec writes "OWASP's Top 10, the Open Web Application Security Project's top 10 most critical web application security risks, has been updated and a new list for 2013 published. Last updated back in 2010, the organization has published the new list wherein the importance of cross-site scripting (XSS) and cross-site request forgery (CRSF) has been diluted a little, while risks related to broken session management and authentication have moved up a notch. Code injection, which was the topmost risk in 2010, has retained its position in the updated list. The 2013 Top Ten list (PDF) has been compiled based on half a million vulnerabilities discovered in thousands of applications from hundreds of vendors."
Fools ignore complexity. Pragmatists suffer it.
Some can avoid it. Geniuses remove it.
-- Perlis's Programming Proverb #58, SIGPLAN Notices, Sept. 1982