M.8) Know the OWASP Top 10

Category: Product development, Periodic

Responsible: PSR

Effort: 5 hours for PSR, 2 hours for every developer and tester

Based on: BSI IT Grundschutz M 3.95 / M 3.97

The PSR needs to train every developer and tester on the OWASP Top 10. The training should be oriented toward the programming language(s) the company uses and should include examples.

Furthermore, the rules that follow from the OWASP Top 10 (e.g. the Ruby on Rails Cheatsheet) should be part of the coding guidelines.

The training should be done at least annually.

 
