Data behind Owasp Top 10 2017
Due to its wide use, acceptance, and need for trusted results, it is essential that the data supporting the OWASP Top 10 2017 is understood and accepted by the community.
The OWASP Top 10 2017 did a ‘request for data’ which might not have reached as wide an audience as it should have reached.
The Summit, and this Working Session, provide a perfect opportunity to allow the current data set to be understood and for new data sets/analysis to be submitted/analysed (these will validate the current Top 10 items, or provide evident for changes).
- Deep dive into published/original data set
- Allow new data set and analysis to be submitted (data to be normalised before the Summit)
- Review data provided and compare with existing Top 10 items
- (If relevant) create evidence for changes
- Majority of participants to agree on the data set supporting the final Top 10 2017 mappings
The target audience for this Working Session is:
- OWASP_Top_10 - 2017 Release Candidate1 English.pdf
- OWASP Top 10 - 2017 Data Call-Public Release.xls
- owasp-topten mailing list (april 2017)
- Musings on the OWASP Top 10 2017 RC1 Part 2: The Data
- New OWASP Top 10 Reveals Critical Weakness in Application Defenses
- OWASP Top 10 Update: Is It Helping to Create More Secure Applications?
- OWASP Top 10 Update: Long Overdue Or Same-Old, Same-Old?
- Contrast Security responds to OWASP Top 10 controversy
- Two New Vulnerabilities added to the OWASP Top 10
- Why OWASP Top 10 is no longer relevant
- Behind the The OWASP Top 10 2017 RC1
- OWASP Top 10 A7 Controversy (twitter moment)
- Musings on the OWASP Top 10 2017 RC1
- Which of the OWASP Top 10 Caused the World’s Biggest Data Breaches?
Back to list of all Working Sessions and Tracks
Edit this page here