LinkedIn and 3rd parties use essential and non-essential cookies to provide, secure, analyze and improve our Services, and to show you relevant ads (including professional and job ads) on and off LinkedIn. Learn more in our Cookie Policy.

Select Accept to consent or Reject to decline non-essential cookies for this use. You can update your choices at any time in your settings.

Start free trial Sign in

From the course: ISC2 Certified Secure Software Lifecycle Professional (CSSLP) (2023) Cert Prep

Unlock the full course today

Join today to access over 24,100 courses taught by industry experts.

The OWASP Top 10: 6-10

The OWASP Top 10: 6-10

From the course: ISC2 Certified Secure Software Lifecycle Professional (CSSLP) (2023) Cert Prep

Start my 1-month free trial Buy for my team

The OWASP Top 10: 6-10

“

- [Host] Knowing OWASP's top five web application security risks is a good start, but knowing all 10 is even better. Let's take a closer look at risks six through 10. The sixth risk in the OWASP top 10 is vulnerable and outdated components. A developer's job is not easy and it's become standard practice to reuse someone else's code if they've already figured out how to make an application do what you want yours to do. That code could be a language specific library. It could be an open source module. It could even be something as simple as a snippet of code that they found on Stack Exchange. If the code they decide to use has a security flaw in it, then your application will soon be vulnerable to attacks that exploit that same weakness. OWASP dependency check and dependency track projects are dedicated to identifying risks associated with components that your team didn't build themselves. The seventh risk of the OWASP top 10 is broken authentication. When an attacker exploits a flaw in…

Contents