Latest OWASP Top 10 looks at APIs, web apps

The new release of the OWASP Top 10 list is out for public comment from the Open Web Application Security Project, and while most of it remains the same there are a couple of new additions, focusing on protections for web applications and APIs.To make room for the new items, a couple of older ones were either removed or merged into new items.The fact that the list hasn’t changed much since its first release in 2003 is both good and bad, said Jeff Williams, CTO and co-founder at Contrast Security.

Read full article at CSO magazine.

This article was also reprinted in Network WorldCIO magazine, and CIO Asia.