OWASP and the Top 10 risks for ASP.NET Web Applications

 

OWASP is the Open Web Application Security Project, a non-profit charitable organisation established with the express purpose of promoting secure web application design. In today's world we have to develop more secure web applications, but remember that it is not possible to develop a 100% secure web application, because hackers find new ways to attack web applications every day.

 

OWASP lists ten different security risks for ASP.NET web applications. They are:

1. Injection
2. Cross-Site Scripting (XSS)
3. Broken Authentication and Session Management
4. Insecure Direct Object References
5. Cross-Site Request Forgery (CSRF)
6. Security Misconfiguration
7. Insecure Cryptographic Storage
8. Failure to Restrict URL Access
9. Insufficient Transport Layer Protection
10. Unvalidated Redirects and Forwards

 

In my future articles I will explain each security risk in detail.