WatchGuard DNSWatch reduces malware infections by detecting and blocking malicious DNS requests, improving your ability to protect employees from phishing attacks. Learn more about our newest service included in Total Security Suite today!
I need to use OWASP top 10 functionality in my application in full fleged , can anybody guide me for that
i am implementing OWASP top 10 in my application, would be highly appreciable to give proper guideline to implement it.
Asked:
2
2
3 Solutions
OWASP cheatsheet is a good and quick glimpse on what you need but importantly decide on the programming language and explore the ESAPI which has a wide list of support for that. If you into .NET, suggest you catch this eBook
http://www.troyhunt.com/2011/12/free-ebook-owasp-top-10-for-net.html
This is another quick view of overall that I liked espe for sharing with other developer (single page for each vulnerability). Note also the reference that has further more links to tap on for testing as well
https://www.owasp.org/images/0/0f/OWASP_T10_-_2010_rc1.pdf
Coming back it is not just coding, testing is critical be it Static code and Dynamic test. Like this as quick check where you are in stages of testing.
http://resources.infosecinstitute.com/owasp-top-10-tools-and-tactics/
Of course the various scanner is available out there which I recommend you see this blog
http://sectooladdict.blogspot.sg/2012/07/2012-web-application-scanner-benchmark.html
http://www.troyhunt.com/2011/12/free-ebook-owasp-top-10-for-net.html
This is another quick view of overall that I liked espe for sharing with other developer (single page for each vulnerability). Note also the reference that has further more links to tap on for testing as well
https://www.owasp.org/images/0/0f/OWASP_T10_-_2010_rc1.pdf
Coming back it is not just coding, testing is critical be it Static code and Dynamic test. Like this as quick check where you are in stages of testing.
http://resources.infosecinstitute.com/owasp-top-10-tools-and-tactics/
Of course the various scanner is available out there which I recommend you see this blog
http://sectooladdict.blogspot.sg/2012/07/2012-web-application-scanner-benchmark.html
> http://resources.infosecinstitute.com/owasp-top-10-tools-and-tactics/
please don't read
*OWASP Top 10 Tools* and tactics
but
*OWASP Top 10*: (some) tools and tactics
these tools a just for beginners to get an idea what web application security is about; depending on the goal to achieve there're more and better tools (not meaning that the listed tools are insufficient, and no offence meant)
another incomplete list
https://www.owasp.org/index.php/Phoenix/Tools
anyway, thanks for the link
please don't read
*OWASP Top 10 Tools* and tactics
but
*OWASP Top 10*: (some) tools and tactics
these tools a just for beginners to get an idea what web application security is about; depending on the goal to achieve there're more and better tools (not meaning that the listed tools are insufficient, and no offence meant)
another incomplete list
https://www.owasp.org/index.php/Phoenix/Tools
anyway, thanks for the link
Question has a verified solution.
Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.
Have a better answer? Share it in a comment.
Join & Write a Comment Already a member? Login.
Featured Post
Tackle projects and never again get stuck behind a technical roadblock.
Join Now
https://www.owasp.org/index.php/OWASP_Secure_Coding_Practices_-_Quick_Reference_Guide
https://www.owasp.org/index.php/Secure_Coding_Principles
https://www.owasp.org/index.php/Category:Cheatsheets
https://www.owasp.org/index.php/Esapi
https://www.owasp.org/index.php/ESAPI_Secure_Coding_Guideline
https://www.owasp.org/index.php/Category:OWASP_Guide_Project