layout | title | type | description | track | status | organizers | participants |
---|---|---|---|---|---|---|---|
blocks/working-session |
Data behind Owasp Top 10 2017 |
workshop |
Due to its wide use, acceptance and need for trusted results, it is key that the data supporting the OWASP Top 10 2017 is understood and accepted by the community. |
Owasp Top 10 2017 |
featured |
Dave Wichers, Johanna Curiel, Claudia Cassanovas |
Brian Glas |
Due to its wide use, acceptance and need for trusted results, it is key that the data supporting the OWASP Top 10 2017 is understood and accepted by the community.
The OWASP Top 10 2017 did a 'request for data' which might not have reached an audience as wide as it should.
The Summit provides a perfect opportunity to allow the current data set to be understood and for new data sets/analysis to be submitted/analysed (these will validate the current Top 10 items, or provide evident for changes).
- Deep dive into published/original data set
- Allow new data set and analysis to be submitted (data to be normalised before the Summit)
- Review data provided and compare with existing Top 10 items
- (If relevant) create evidence for changes
- Majority of participants to agree on the data set supporting the final Top 10 2017 mappings
(in order resources where found)
- OWASP_Top_10 - 2017 Release Candidate1 English.pdf
- OWASP Top 10 - 2017 Data Call-Public Release.xls
- owasp-topten mailing list (april 2017)
- Musings on the OWASP Top 10 2017 RC1 Part 2: The Data
- New OWASP Top 10 Reveals Critical Weakness in Application Defenses
- OWASP Top 10 Update: Is It Helping to Create More Secure Applications?
- OWASP Top 10 Update: Long Overdue Or Same-Old, Same-Old?
- Contrast Security responds to OWASP Top 10 controversy
- Two New Vulnerabilities added to the OWASP Top 10
- Why OWASP Top 10 is no longer relevant
- Behind the The OWASP Top 10 2017 RC1
- OWASP Top 10 A7 Controversy (twitter moment)
- Musings on the OWASP Top 10 2017 RC1
- Which of the OWASP Top 10 Caused the World’s Biggest Data Breaches?