Did you know SD-WANs can improve network connectivity? Check out this webinar to learn how an SD-WAN simplified, one-click tool can help you migrate and manage data in the cloud.
Course Of The Month
1 day, 23 hours left to enrollBecome a Premium Member and unlock a new, free course in leading technologies each month.
Solved
I need to use OWASP top 10 functionality in my application in full fleged , can anybody guide me for that
Posted on 2013-01-03
i am implementing OWASP top 10 in my application, would be highly appreciable to give proper guideline to implement it.
[X]
Welcome to Experts Exchange
Add your voice to the tech community where 5M+ people just like you are talking about what matters.
- Help others & share knowledge
- Earn cash & points
- Learn & ask questions
2
2
6 Comments
you mean you want to build a secure application?
https://www.owasp.org/index.php/OWASP_Secure_Coding_Practices_-_Quick_Reference_Guide
https://www.owasp.org/index.php/Secure_Coding_Principles
https://www.owasp.org/index.php/Category:Cheatsheets
https://www.owasp.org/index.php/Esapi
https://www.owasp.org/index.php/ESAPI_Secure_Coding_Guideline
https://www.owasp.org/index.php/Category:OWASP_Guide_Project
https://www.owasp.org/index.php/OWASP_Secure_Coding_Practices_-_Quick_Reference_Guide
https://www.owasp.org/index.php/Secure_Coding_Principles
https://www.owasp.org/index.php/Category:Cheatsheets
https://www.owasp.org/index.php/Esapi
https://www.owasp.org/index.php/ESAPI_Secure_Coding_Guideline
https://www.owasp.org/index.php/Category:OWASP_Guide_Project
Active today
OWASP cheatsheet is a good and quick glimpse on what you need but importantly decide on the programming language and explore the ESAPI which has a wide list of support for that. If you into .NET, suggest you catch this eBook
http://www.troyhunt.com/2011/12/free-ebook-owasp-top-10-for-net.html
This is another quick view of overall that I liked espe for sharing with other developer (single page for each vulnerability). Note also the reference that has further more links to tap on for testing as well
https://www.owasp.org/images/0/0f/OWASP_T10_-_2010_rc1.pdf
Coming back it is not just coding, testing is critical be it Static code and Dynamic test. Like this as quick check where you are in stages of testing.
http://resources.infosecinstitute.com/owasp-top-10-tools-and-tactics/
Of course the various scanner is available out there which I recommend you see this blog
http://sectooladdict.blogspot.sg/2012/07/2012-web-application-scanner-benchmark.html
http://www.troyhunt.com/2011/12/free-ebook-owasp-top-10-for-net.html
This is another quick view of overall that I liked espe for sharing with other developer (single page for each vulnerability). Note also the reference that has further more links to tap on for testing as well
https://www.owasp.org/images/0/0f/OWASP_T10_-_2010_rc1.pdf
Coming back it is not just coding, testing is critical be it Static code and Dynamic test. Like this as quick check where you are in stages of testing.
http://resources.infosecinstitute.com/owasp-top-10-tools-and-tactics/
Of course the various scanner is available out there which I recommend you see this blog
http://sectooladdict.blogspot.sg/2012/07/2012-web-application-scanner-benchmark.html
> http://resources.infosecinstitute.com/owasp-top-10-tools-and-tactics/
please don't read
*OWASP Top 10 Tools* and tactics
but
*OWASP Top 10*: (some) tools and tactics
these tools a just for beginners to get an idea what web application security is about; depending on the goal to achieve there're more and better tools (not meaning that the listed tools are insufficient, and no offence meant)
another incomplete list
https://www.owasp.org/index.php/Phoenix/Tools
anyway, thanks for the link
please don't read
*OWASP Top 10 Tools* and tactics
but
*OWASP Top 10*: (some) tools and tactics
these tools a just for beginners to get an idea what web application security is about; depending on the goal to achieve there're more and better tools (not meaning that the listed tools are insufficient, and no offence meant)
another incomplete list
https://www.owasp.org/index.php/Phoenix/Tools
anyway, thanks for the link
Featured Post
Question has a verified solution.
If you are experiencing a similar issue, please ask a related question
Businesses who process credit card payments have to adhere to PCI Compliance standards. Here’s why that’s important.
When the s#!t hits the fan, you don’t have time to look up who’s on call, draft emails, call collaborators, or send text messages. An instant chat window is definitely the way to go, especially one like HipChat.
HipChat is a true business app. An…
This tutorial will teach you the core code needed to finalize the addition of a watermark to your image. The viewer will use a small PHP class to learn and create a watermark.
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …
Suggested Courses
Course of the Month1 day, 23 hours left to enroll
717 members asked questions and received personalized solutions in the past 7 days.
Join the community of 500,000 technology professionals and ask your questions.