OWASP Top 10

As part of our commitment to the security of our company and also our customers. We have started using the OWASP Top 10 in order to provide a rating system for our Web Application Security and Vulnerability assessments.

Here is a list of the Top 10:

A1 Injection
A2 Broken Authentication and Session Management (XSS)
A3 Cross Site Scripting (XSS)
A4 Insecure Direct Object References
A5 Security Misconfiguration
A6 Sensitive Data Exposure
A7 Missing Function Level Access Control
A8 Cross Site Request Forgery (CSRF)
A9 Using Components with Known Vulnerabilities
A10 Unvalidated Redirects and Forwards

For additional information you can review the OWASP Top 10 Project website @ http://owasp.org. Ref: OWASP Top 10 2013 document (PDF)