#113: Security Briefing - The OWASP Top 10 - Part 3

10 min • 15 december 2021

The OWASP Top 10 is the most critical security concerns for web application security as defined by the Open Web Application Security Project®

In the last two episode, I introduce OWASP, their Top 10, why it matters and who it affects - as well as introducing the first seven on the list.

In this episode, I talk about eight to ten of the list.

Find this episodes show notes at: https://red-folder.com/podcasts/113

Have an idea for an episode topic, or want to see what is coming up: https://red-folder.com/podcasts/roadmap

Senaste avsnitt

#113: Security Briefing - The OWASP Top 10 - Part 3

Senaste avsnitt

#205: Estimation - a wrap-up

#204: Estimation - Professionalism

#203: Estimation - Is Artificial Intelligence the answer?

#202: Estimation - Quantitative approaches

#201: Estimation - the #NoEstimate approach

#200: Estimation - Qualitative Approaches

#199: Estimation - Quantitative vs Qualitative

#198: Estimation vs the punitive target

#197: Estimation vs Dependencies

#196: Estimation vs Planning

#195: Estimation - An estimate by any other name

#194: Estimation - What are you actually asking for?

#193: Estimation - How much to invest

#192: Estimation - Predictability vs Optimism

#191: Estimation - what is a valuable estimate?

#190: Estimation - Do you get value?

#189: Estimation - a review

#188: Bad for ROI - More Developers

#187: Bad for ROI - More Planning - Part 2

#186: Bad for ROI - More Planning - Part 1

#185: Bad for ROI - Overemphasis on Perfection

#184: Bad for ROI - the Feature Factory

#183: Bad for ROI - Performance measurements in software development

#182: Bad for ROI - Bonuses

#181: Bad for ROI - RAG reporting

#180: Bad for ROI - the HiPPO

#179: Does the manager still have a role to play in the modern software development team?

#178: Transaction-based costing - a wrap-up

#177: Transaction-based costing and Small Batch Sizes

#176: Transaction-based costing and Value Stream Teams

#175: Transaction-based costing and its relationship with serverless and cloud

#174: Transaction-based costing in Software Development

#173: AI Coding Assistants - the future

#172: AI Coding Assistants - the potential negatives

#171: AI Coding Assistants - the benefits

#170: AI Coding Assistants - an introduction

#169: ChatGPT - initial conversation thoughts

#168: ChatGPT - my first conversation

#167: Password Hygiene

#166: The value of certifications

#165: Introduction to the Actor Model

#164: Design Patterns

#163: Taking time for self care

#162: Recommendations in a downturn

#161: State of DevOps 2022

#160: Revisiting Software Development Estimation

#159: Gantt Charts revisited

#158: The Pitch - one-size does not fill all

#157: The Pitch - its not like flipping hamburgers

#156: The Pitch - the management practices of yesterday

#155: The Pitch - the age and maturity of software development

#154: The Pitch - doing change

#153: The Pitch - the Age of Software and Digital

#152: The Pitch - lets talk business

#151: Mini-budget implications on contractor and permanent markets

#150: An updated pitch for the podcast

#149: Legacy Data - advice for dealing with it

#148: Legacy Data - why you should be thinking about it

#147: Legacy Software - addressing with Outsourcing

#146: Legacy Software - addressing with Revolution

#145: Legacy Software - addressing with Evolution

#144: Legacy Software - how to address

#143: Legacy Software - a risk matrix

#142: Legacy Software - the causes

#141: Legacy Software - the impact

#140: Legacy Software - an introduction

#139: Automation - the higher value work side-effect

#138: Automation - the knowledge sharing side-effect

#137: Automation - the auditability side-effect

#136: Automation - the security side-effect

#135: Infrastructure-as-Code

#134: DevOps Topologies - Working types

#133: DevOps Topologies - Anti-Types

#132: Inverse Conway Maneuver

#131: Conway's Law

#130: To Checklist or not to Checklist

#129: Handling Failure

#128: Error Budgets