Comments on: OWASP Top 10 2010 – Cheat Sheet http://www.greebo.net/2010/02/09/owasp-top-10-2010-cheat-sheet/ mostly useless crap from me Sat, 24 Jul 2010 11:56:43 +0000 http://wordpress.org/?v=2.9.2 hourly 1 By: Found: Nice OWASP Top 10 Cheat Sheet | Geek on the Loose http://www.greebo.net/2010/02/09/owasp-top-10-2010-cheat-sheet/comment-page-1/#comment-21551 Found: Nice OWASP Top 10 Cheat Sheet | Geek on the Loose Sun, 21 Feb 2010 00:51:44 +0000 http://www.greebo.net/?p=619#comment-21551 [...] discovered this very useful, developer-centric cheat sheet for the OWASP Top 10 for 2010 (go directly to the pdf). It's nice and concise and gets straight to the simplest code fixes that [...] [...] discovered this very useful, developer-centric cheat sheet for the OWASP Top 10 for 2010 (go directly to the pdf). It's nice and concise and gets straight to the simplest code fixes that [...]

]]> By: AbiusX http://www.greebo.net/2010/02/09/owasp-top-10-2010-cheat-sheet/comment-page-1/#comment-21546 AbiusX Fri, 19 Feb 2010 08:12:06 +0000 http://www.greebo.net/?p=619#comment-21546 Hi Andrew, I think its a very useful document, but it lacks operational solutions, i.e you have reference ESAPI modules for preventions only, but if anyone knew ESAPI enough s/he wouldn't need a top ten cheat sheet at all! Provide some alternate solutions, such as libraries for XSS or Prepared Statements for injections. Regards AbiusX Hi Andrew,
I think its a very useful document, but it lacks operational solutions, i.e you have reference ESAPI modules for preventions only, but if anyone knew ESAPI enough s/he wouldn’t need a top ten cheat sheet at all!

Provide some alternate solutions, such as libraries for XSS or Prepared Statements for injections.

Regards
AbiusX

]]> By: Leto http://www.greebo.net/2010/02/09/owasp-top-10-2010-cheat-sheet/comment-page-1/#comment-21506 Leto Wed, 10 Feb 2010 00:04:12 +0000 http://www.greebo.net/?p=619#comment-21506 Useful, thanks! Useful, thanks!

]]> By: securityninja http://www.greebo.net/2010/02/09/owasp-top-10-2010-cheat-sheet/comment-page-1/#comment-21505 securityninja Tue, 09 Feb 2010 17:28:52 +0000 http://www.greebo.net/?p=619#comment-21505 Hi Andrew, I like this approach to helping developers. It is similar to something I have been promoting for a while now called the Principles of Secure Web Development. I'd rather focus on the things a developer should do right instead of the things an attacker might do. More details on the principles can be found on my website or by listening to a soon to be published OWASP podcast I recorded recently :) SN Hi Andrew,

I like this approach to helping developers. It is similar to something I have been promoting for a while now called the Principles of Secure Web Development.

I’d rather focus on the things a developer should do right instead of the things an attacker might do.

More details on the principles can be found on my website or by listening to a soon to be published OWASP podcast I recorded recently :)

SN

]]>