Hello, I wanted to share an article that compares the OWASP Top 10 2013 with the OWASP Top 10 2017.
https://www.veracode.com/blog/security-news/owasp-top-10-updated-2017-here%E2%80%99s-what-you-need-know?utm_content=bufferec783&utm_medium=social&utm_source=twitter.com&utm_campaign=buffer

OWASP TOP 10 2013                                                 | OWASP TOP 10 2017
1. Injection                                                      | 1. Injection
2. Broken Authentication and Session Management                   | 2. Broken Authentication
3. Cross-Site Scripting                                           | 3. Sensitive Data Exposure
4. Insecure Direct Object References (Merged in 2017 with #7)     | 4. XML External Entities (NEW)
5. Security Misconfiguration                                      | 5. Broken Access Control (MERGED)
6. Sensitive Data Exposure                                        | 6. Security Misconfiguration
7. Missing Function Level Access Control (Merged in 2017 with #4) | 7. Cross-Site Scripting
8. Cross-Site Request Forgery (DROPPED in 2017)                   | 8. Insecure Deserialization (NEW)
9. Using Components With Known Vulnerabilities                    | 9. Using Components With Known Vulnerabilities
10. Unvalidated Redirects and Forwards (DROPPED in 2017)          | 10. Insufficient Logging and Monitoring (NEW)

Regards,
Hakan CENGİZ