layout | title | type | track | technology | related-to | status | when-day | when-time | location | organizers | participants | outcomes |
---|---|---|---|---|---|---|---|---|---|---|---|---|
blocks/working-session |
What Should be Added to the Top 10 |
workshop |
Owasp Top 10 2017 |
OWASP Proactive Controls |
out |
Andrew Ven Der Stock |
Katy Anton, Jonas Vanalderweireldt, Mateo Martinez |
mapped |
There are many opinions about the existing Top 10 categories. This Working Session will allow participants to present data and supporting information on what the different categories should include and sections to the document which will help on the understanding and solving.
- Add data and information about Top 10 Categories
- Which existing categories should be replaced?
- Agreed list of OWASP Top 10 2017 categories and sections
The target audience for this Working Session is:
- Security Professionals
- AppSec teams
- Tool vendors
- OWASP Proactive Controls
- "Owasp top 10 2017 RC - Comments, observations and ideas" Slideshare presentation
- "looks like you have turned the OWASP Top 10 Risks into the OWASP Top 10 proactive controls (which already exists!) Maybe that's the answer.." twitter
- "Another day, another client with external RCE from a #Java Deserialisation vulnerability. Truly the gift which keeps on giving" from twitter
- OWASP Top 10 2017 — What should be there
Long list of potential categories for inclusion in OWASP Top 10 2017 categories (please add as much information as possible before the sessions)
Is there any other content needed? Government? Industry? Chapter Leaders? Deveoplers?