Cybersecurity Expert | Cyber Resilience

UK cybersecurity analysis, operational resilience, control assurance, AI security, and evidence-based governance from experienced practitioners and guest contributors.

Provable Cyber Resilience - Cybersecurity Expert

More from Cybersecurity Expert Practitioner-led cybersecurity analysis, AI Labs tools, book updates and evidence-based assurance thinking. Visit the website Explore AI Labs Read about the book

12 December 2017

Scan your app to find and fix OWASP Top 10 - 2017 vulnerabilities

Following the updated release of OWASP Top Ten (2017), I have updated my IBM developerWorks article "Scan your app to find and fix OWASP Top 10 - 2017 vulnerabilities", which was released on the IBM Developer Works website today

Posted by SecurityExpert at 23:30 No comments:

Email This BlogThis!Share to X Share to Facebook Share to Pinterest

Labels: application security, ibm, OWASP

Newer Posts Older Posts Home

Provable Cyber Resilience – Cybersecurity Research and Assurance

Provable Cyber Resilience – Cybersecurity Research cybersecurityexpert.co.uk →

Blog Archive

► 2026 (12)
- ► May (2)
- ► April (2)
- ► March (6)
- ► February (2)

► 2025 (6)
- ► March (5)
- ► February (1)

► 2021 (39)
- ► September (1)
- ► August (1)
- ► July (3)
- ► June (3)
- ► May (10)
- ► April (8)
- ► March (6)
- ► February (4)
- ► January (3)

► 2020 (49)
- ► December (7)
- ► November (6)
- ► October (2)
- ► September (3)
- ► August (5)
- ► July (6)
- ► June (2)
- ► May (2)
- ► April (4)
- ► March (5)
- ► February (3)
- ► January (4)

► 2019 (76)
- ► December (9)
- ► November (17)
- ► October (7)
- ► September (2)
- ► August (1)
- ► July (3)
- ► June (5)
- ► May (9)
- ► April (3)
- ► March (4)
- ► February (6)
- ► January (10)

► 2018 (27)
- ► December (3)
- ► November (3)
- ► October (2)
- ► September (4)
- ► August (1)
- ► July (2)
- ► June (1)
- ► May (2)
- ► April (1)
- ► March (2)
- ► February (3)
- ► January (3)

▼ 2017 (38)
- ▼ December (1)
  - Scan your app to find and fix OWASP Top 10 - 2017 ...
- ► November (2)
- ► October (3)
- ► September (7)
- ► August (4)
- ► June (5)
- ► May (5)
- ► April (3)
- ► March (3)
- ► February (2)
- ► January (3)

► 2016 (23)
- ► December (4)
- ► November (4)
- ► October (2)
- ► September (4)
- ► August (1)
- ► July (1)
- ► June (1)
- ► May (1)
- ► April (2)
- ► March (1)
- ► February (1)
- ► January (1)

► 2015 (12)
- ► December (1)
- ► November (1)
- ► October (1)
- ► September (1)
- ► June (3)
- ► May (1)
- ► March (1)
- ► February (1)
- ► January (2)

► 2014 (21)
- ► November (1)
- ► September (2)
- ► July (2)
- ► June (4)
- ► May (1)
- ► April (2)
- ► March (3)
- ► February (4)
- ► January (2)

► 2013 (33)
- ► December (1)
- ► October (4)
- ► September (6)
- ► August (6)
- ► July (3)
- ► June (4)
- ► May (1)
- ► April (2)
- ► March (2)
- ► February (2)
- ► January (2)

► 2012 (32)
- ► December (2)
- ► November (5)
- ► October (5)
- ► September (1)
- ► August (13)
- ► July (2)
- ► June (2)
- ► March (1)
- ► January (1)

► 2011 (14)
- ► November (1)
- ► October (1)
- ► September (2)
- ► August (1)
- ► June (1)
- ► April (1)
- ► March (3)
- ► February (1)
- ► January (3)

► 2010 (18)
- ► November (1)
- ► October (2)
- ► September (2)
- ► August (1)
- ► July (1)
- ► May (1)
- ► April (3)
- ► March (3)
- ► February (3)
- ► January (1)

► 2009 (29)
- ► December (1)
- ► November (3)
- ► October (2)
- ► August (1)
- ► July (4)
- ► June (3)
- ► May (1)
- ► April (2)
- ► March (4)
- ► February (4)
- ► January (4)

► 2008 (26)
- ► December (3)
- ► November (2)
- ► October (3)
- ► September (2)
- ► July (2)
- ► June (3)
- ► May (1)
- ► April (1)
- ► March (4)
- ► February (1)
- ► January (4)

► 2007 (60)
- ► December (6)
- ► November (14)
- ► October (4)
- ► September (8)
- ► August (6)
- ► July (6)
- ► June (9)
- ► May (7)

Search IT Security Expert Blog

Post Categories

data breach Data Protection Patching ransomware cyber security roundup Microsoft Security Awareness Hacking Home Security privacy GDPR PCI DSS NCSC password security Payment Card Fraud malware DPA Encryption nation-state hackers ICO DDoS Cyber Crime adobe COVID-19 Cloud Security ID Theft iot Threat web application security phishing Huawei cyber Cyberwar Wifi Security Mobile Security Network Security Social Media facebook CISO Vulnerability Management cybersecurity yahoo talktalk wannacry AI Apple Cisco application security British Airways Fraud ibm Coronavirus RSAC Risk Management cybercrime dark web marriott Third Party Security amazon brexit nhs Policies Snowden Twitter football infographic training BEC Big Data Insider Threat Intel MFA OWASP vpn APT10 GCHQ NSA Terrorism anti-virus aws cryptocurrencies cyber risk email security equifax incident management ryuk scam small business supply-chain 5G APT28 Compliance Cyber Essentials Magecart Manchester City Physical Security VIPRE bitcoin cyber insurance enterprise security podcast solarwinds Apache DLP Emotet Zero Trust botnets data retension digital transformation human error kaspersky mcafee petya A10 Networks APT29 BYOD CCTV CISA Car Security Cobalt Conference Conti Cryptojacking DarkSide FCA Google Hack Hacktivism Meltdown Mirai Mitre NIST O365 Revil SME Trickbot Uber VMware Windows XP appscan artificial intelligence bluekeep book review carbon black career ceo fraud credential stuffing cyber resilience education firewall management misconfiguration operational resilience ring sans solorigate threat hunting travelex zero-day zoom AI Security Control Assurance Currys DBIR Deep Secure Dixons carphone FBI HR Heartbleed IAM ISO27001 InfoSec Maze NIS NIS2 PCI PewDiePie RSA SHA-1 SOC SaltDNA Sophos Spectre T-Mobile Verizon Windows 7 Windows Server 2018 access control bakuk becrypt blockchain bsides bt china cyber extortion cybersecurity governance disaster recovery dixons fireeye iphone labour party lenovo linux logmeonce penetration test piracy pitney bowes sextortion smart cities social engineering starwood sunburst threat intelligence ticketmaster tor whatsapp 2018 AI agents AI cyber risk AI governance AMD APT1 APT27 APT3 APT37 APT38 APT39 APT40 APTC23 ATP Accenture Aebi Schmidt Air India Azure Born Digital Business Impact Analysis CCISO CCPA CDE CEH CESG CISM CISO leadership CISSP CREST CVE-2021-3156 CVSS CeX Certes Networks Check Point Citrix Coalfire Cognizant CompTIA Crime Dot Com Cyber Bullying Cyber Security Challenge UK Cyber Tec Security DNS Security DataDome Decathlon Defcon DevOps Disaster Recovery as a Service Disney ECSC EU Enterprise Europe Network European Cyber Security Challenge Exchange F5 FASTR FFA FIFA FatFace Flightradar Forrester GRC Gaming Giacom Github HCSEC HIPAA HSBC Hafnium IASME IOC ISACA ISC2 ISCN Identity Theft Ikea Intelligencia Iran JBS Kia Krack Kraken KwikFit LOC LORCA LinkedIn Liverpool MH370 ML MSP MSPs Maersk Memty Mythos AI NASA NCC NCF NCS Netscout Nintendo Nokia Nominet Online Harms Bill Operation Cleaver PC World PoisonTap PokemonGo Ponemon Institute Project Glasswing RAA RFT Recovery Time Objectives Redcar Regenix SD-WAN SIEM SIGRed SMBs SOAR SSL SecureTeam Security Today Sentinel Sepa Serco Service Availability Snake Sodinokibi Steganography TA505 TGI Friday Tesla The Lazaus Group TikTok Total Fitness UEFA UK Vision Direct Vulnerability scan Windows 10 YesWeHack Zerologon adaptive security leadership adware agentic AI att&ck autonomous AI awards backup beyer biometrics bitdefender bitsight black friday blueborne boothole bugbounty christmas cloud security alliance contactless control effectiveness corvid cyberis darkgate data centres data classification data security defender deltacharlie digital certificates dropbox drown e-crime congress easyjet email embroker end point security enterprise AI security eternalblue evidence based assurance expanding threat surface f-secure fedex films finance fintech flashpoint free freelance goldenspy greene king hacker hidden cobra identity management ignite iloveyou imperva isame isf legal sector locky lovebug mimecast moneytaker movies mumsnet netflix nordVPN notpetya npower outpost24 oyster paradox plundervolt qualys rbs regtech retail shadow AI shadow IT shlayer smartphone snapchat sonos spotify spyware stuxnet sudo superfish telegram teletext holidays tfl threatQ timehop translation undervolting unix wearables webroot winzip zavvi

Last 12 Months Most Popular Posts

UK Cybersecurity Weekly News Roundup - 31 March 2025

UK Cybersecurity Weekly News Roundup - 31 March 2025 Welcome to this week's edition of our cybersecurity news roundup, bringing you th...
Payment Security: Understanding the Four Corner Model

Introduction Online shopping digital payment transactions may seem quite simple, but in reality, just one single transaction sets off multip...
UK Cybersecurity Weekly News Roundup - 23 March 2025

Welcome to this week's edition of our cybersecurity news roundup, bringing you the latest developments and insights from the UK and beyo...
How Businesses Can Utilise Penetration Testing

Understand your security vulnerabilities Article by Beau Peters The basic approaches like phishing simulations are good, but they tend to...
Prevention is Better Than Cure: The Ransomware Evolution

Ransomware tactics have continued to evolve over the years, and remain a prominent threat to both SMBs and larger organisations. Particularl...
UK Cybersecurity Weekly News Roundup – 9 March 2025

Welcome to this week's edition of our cybersecurity news roundup, bringing you the latest developments and insights from the UK and beyo...
UK Cybersecurity Weekly News Roundup - 16 March 2025

Welcome to this week's edition of our cybersecurity news roundup, bringing you the latest developments and insights from the UK and bey...
UK Cybersecurity Weekly News Roundup – 2 March 2025

UK Government's Encryption Demands Lead to Apple's Data Protection Withdrawal The UK government has mandated that Apple pr...

Disclaimer

This website and blog are personal to David Whitelegg. The views and opinions expressed are solely those of David and, where applicable, individual guest contributors, and do not represent the views of any employer, organisation, or affiliated entity. All content is provided for informational and educational purposes only. While reasonable efforts are made to ensure accuracy, no representations or warranties are made regarding the completeness, reliability, or suitability of any information published here or accessed via external links. The site owner accepts no liability for any loss or damage arising from reliance on content published on this website.

Reproduction is permitted with clear attribution and a direct link to the original source.. Powered by Blogger.