For the first time in four years, we have a new OWASP Top 10 list of the most critical application security risks. Cross-site request forgery (CSRF) and unvalidated redirects and forwards have been bumped off the list. XML external entities, insecure deserialization, and insufficient logging and monitoring have been added. What’s the significance of both the additions and the subtractions? CA Veracode’s VP of Research Chris Eng recently sat down with Evan Schuman to discuss the new list and its implications. Their conversation covers:
Make sure you understand this important update and its implications; listen to this 10-minute conversation today.