OWASP Top 10
I have attempted to pen down the OWASP Top 10 at an abstract level. The following is my understanding, and I am planning to write an article for every security risk.
The top 10 is as follows.
The OWASP Top 10 is a list of the top 10 most critical web application security risks. This list is updated periodically to reflect changes in the threat landscape and to help developers prioritize their security efforts. Here are the current OWASP Top 10 web application security risks:
Injection:
Injection flaws occur when untrusted data is sent to an interpreter as part of a command or query, which can allow an attacker to execute unintended commands or access sensitive data.
Measures to avoid injection:
There are several methods to avoid SQL injection attacks:
Parameterized Queries:
One of the most effective ways to prevent SQL injection attacks is to use parameterized queries. Parameterized queries keep the SQL code separate from the user input: the input is bound as a value and is never parsed as SQL, so an attacker cannot inject malicious SQL code through it.
Stored Procedures:
Stored procedures are pre-written SQL code stored on the database server. Using them can prevent SQL injection attacks by restricting the types of queries that can be executed, provided the procedure takes its inputs as parameters and does not build dynamic SQL by concatenating them.
Input Validation and Sanitization: