Of course it won't look original since OWASP contributed to the list! :-) Anyway, OWASP's list is specific for web applications/services while the CWE/SANS TOP 25 Most Dangerous Programming Errors list refers to programming in general. GSSP[1], anyone?
[1] http://www.sans-ssi.org/certification/#cert On Tue, Jan 13, 2009 at 6:18 AM, Drexx Laggui [personal] <dre...@gmail.com>wrote: > 13Jan2009 (UTC +8) > > I think it's a great list. Not original though, because the OWASP guys > have been working on something like that already for some time now. As > long as they get the word out, then IT people can get it right the > first time, and in their effort, help make the word a better place. > > If the list below was properly addressed by web developers today, it > makes Internet penetration testing a lot more challenging... and > definitely weed out the wannabees. >
_________________________________________________ Philippine Linux Users' Group (PLUG) Mailing List http://lists.linux.org.ph/mailman/listinfo/plug Searchable Archives: http://archives.free.net.ph
