As we wade through the morass of the Infosec swamp, we come across the OWASP 2013 report of web app vulnerabilities. Since Mr. Boettcher and I find ourselves often attempting to explain these kinds of issues to people on the Internet and in our daily lives, we thought it would be prudent to help shed some light on these.
So this week, we discuss the lower of the top 10, the ones that aren't as glamorous or as earth shaking as XSS or SQLI, but are gotchas that will bite thine ass just as hard.
Next week is the big ones, the Top 5... all your favorites, in one place!
OWASP Top 10 (2013) PDF: http://owasptop10.googlecode.com/files/OWASP%20Top%2010%20-%202013.pdf
Costs of finding web defects early (2008): http://www.informit.com/articles/article.aspx?p=1193473&seqNum=6