OWASP Top 10 Update: Long Overdue Or Same-Old, ...

Network Computing Dark Reading

Advertise

About Us

Threaded | Newest First | Oldest First

[close this box]

50%

johannacuriel,
User Rank: Apprentice
5/14/2017 | 6:53:40 AM

Is not OWASP

"OWASP is now stating that companies need to have some sort of WAF or RASP technology to detect, respond, and patch. This is going to be a controversial one as it's a mitigation to a vulnerability and not a vulnerability in itself,"

This statement is wrong.

Please, is not OWASP as foundation saying this. Project leaders are autonomous on deciding how to manage their projects, OWASP a foundation only supervises that Project leaders behave within a code of conduct and guidelines.

OWASP is a community and stands for OPEN therefore if you do not agree with something JOIN US and come discuss it. You have as a contributor all the power to influence the outcome of every single project and the Top 10 is one of them

Join the discussion and the list, even better , come to the OWASP SUMMIT 2017 in London

where Dave & Team will be there to discuss more about it

Reply | Post Message | Messages List | Start a Board

Editors' Choice

FluBot Malware's Rapid Spread May Soon Hit US Phones

Kelly Sheridan, Staff Editor, Dark Reading, 4/28/2021

7 Modern-Day Cybersecurity Realities

Steve Zurier, Contributing Writer, 4/30/2021

How to Secure Employees' Home Wi-Fi Networks

Bert Kashyap, CEO and Co-Founder at SecureW2, 4/28/2021

Live Events

Webinars

Dark Reading June 24 Virtual Event a free, all-day online conference. LEARN MORE

Finding & Stopping Enterprise Data Breaches - June 24 - Dark Reading Virtual Event

More Informa Tech Live Events

White Papers

Hidden Costs of Endpoint Security

The Definitive Buyer's Guide for Managed Threat Detection and Response Services

Tech Insights: Detecting and Preventing Insider Data Leaks

Managed Threat Detection and Response

The Microsoft Teams Telephony User Experience

More White Papers

Cartoon Contest

Write a Caption, Win an Amazon Gift Card! Click Here

Latest Comment: Earthling...PLEASE help me! The wormhole is about to close and I do not understand... - At least 8 characters—the more characters, the ...

Cartoon Archive

Current Issue

2021 Top Enterprise IT Trends

We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!

Download This Issue!

Back Issues | Must Reads

Flash Poll

All Polls

Reports

Battle for the Endpoint

How to build a new cyber strategy for 2021 and beyond.

Download Now!

How Enterprises are Developing Secure Applications

0 comments

Assessing Cybersecurity Risk in Today's Enterprises

0 comments

The Malware Threat Landscape

0 comments

More Reports

Twitter Feed

Tweets about "from:DarkReading OR @DarkReading"

Bug Report

Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database

CVE-2021-31458
PUBLISHED: 2021-05-07

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.1.37576. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handlin...

CVE-2021-31459
PUBLISHED: 2021-05-07

CVE-2021-31460
PUBLISHED: 2021-05-07

CVE-2021-31461
PUBLISHED: 2021-05-07

CVE-2021-31462
PUBLISHED: 2021-05-07

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit Reader 10.1.3.37598. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

To save this item to your list of favorite Dark Reading content so you can find it later in your Profile page, click the "Save It" button next to the item.

If you found this interesting or useful, please use the links to the services below to share it with other readers. You will need a free account with each service to share an item via that service.
Tweet This
[close this box]