Re: Will the Open Group consider incorporating software security features in its software technical standards given the fact that these days lots of software are getting hacked?

[Amit via austin-group-l at The Open Group]

> Input validation is essential, but it's not the whole picture.
> If you look at OWASP top ten for 2025, broken access control
> ranks 1st.

That's right, but if someone wants to get hacked deliberately then we
can't do anything about it.

>From the AI overview of the top 10, it looks like 4 of them are directly 
>related
to input not being validated / input not being sanitized.

I haven't dug deep into the remaining 5 but I suspect that few of them
will again
relate to input not being validated / input not being sanitized. But I
am not making
a statement on this as of now.

My most important point and the central point of my whole proposal is that
""""We should not satisfy the minority at the expense of the majority.""""

If people don't agree with me on this point, then obviously there won't be any
point in me pursuing my proposal on this forum.

So, I would request people to think about this point first.

If people agree, it will be fine with me, and if people don't agree, then also
it will be fine with me.

But this is the first point that should be sorted out.

Amit