note

OWASP SAMMではじめる、プロダクトセキュリティの評価と中期計画

ワンキャリアでセキュリティエンジニアをしている蟹と申します。 本稿は、先日下記のイベントで、セキュリティ組織についてのフレームワーク「OWASP SAMM」についてお話しした内容を記事化したものです。 とても重要で難しいテーマだと思います。
Dark Reading

New OWASP Top 10 List Includes Three New Web Vulns

After months of review, the Open Web Application Security Project has finally formally updated its widely used, if somewhat disputed, ranking of top Web application security vulnerabilities. OWASP's ...
Dark Reading

New OWASP Top 10 Reflects Unchanged State Of Web Security

The oft-cited and oft-debated OWASP Top 10 list of the most critical vulnerabilities in Web applications got an update this week with the most prevalent flaw -- injection -- remaining at the No. 1 ...
heise online

Awareness for Web Security: The OWASP Top Ten 2025

The Open Worldwide Application Security Project (OWASP) presented the first release candidate of the OWASP Top Ten 2025 at its "Global AppSec USA" conference: the list of the biggest security risks ...
Infosecurity-magazine.com

XSS is Most Rewarding Bug Bounty as CSRF is Revived

Cross-site scripting (XSS) is the most rewarding security vulnerability, according to data on the number of bug bounties paid. According to HackerOne’s top 10 most impactful security vulnerabilities, ...