OWASP Top 10 - 2017 Prevention

Version: 2.0


This section categorizes OWASP Top 10 2017 prevention techniques that should be followed by WSO2 engineers while engineering mobile applications.

A1 - 2017 - Injection

In OWASP Top 10 - 2017, the following vulnerabilities were discussed under the Injection category.

A2 - 2017 - Broken Authentication

In OWASP Top 10 - 2017, the following vulnerabilities were discussed under the Broken Authentication category.

A3 - 2017 - Sensitive Data Exposure

In OWASP Top 10 - 2017, the following vulnerabilities were discussed under the Sensitive Data Exposure category.

A4 - 2017 - XML External Entity (XXE)

Please refer to the General Recommendations for Secure Coding - XML External Entity (XXE) section for details about the vulnerability and the prevention techniques that should be followed by WSO2 engineers.

A5 - 2017 - Broken Access Control

In OWASP Top 10 - 2017, the following vulnerabilities were discussed under the Broken Access Control category.

A6 - 2017 - Security Misconfiguration

Please refer to the General Recommendations for Secure Coding - Security Misconfiguration section for details about the vulnerability and the prevention techniques that should be followed by WSO2 engineers.

A7 - 2017 - Cross-Site Scripting (XSS)

Please refer to the General Recommendations for Secure Coding - Cross-Site Scripting (XSS) section for details about the vulnerability and the prevention techniques that should be followed by WSO2 engineers.

A8 - 2017 - Insecure Deserialization

Please refer to the General Recommendations for Secure Coding - Insecure Deserialization section for details about the vulnerability and the prevention techniques that should be followed by WSO2 engineers.

A9 - 2017 - Using Known Vulnerable Components

Please refer to the General Recommendations for Secure Coding - Using Known Vulnerable Components section for details about the vulnerability and the prevention techniques that should be followed by WSO2 engineers.

A10 - 2017 - Insufficient Logging and Monitoring

Please refer to the General Recommendations for Secure Coding - Insufficient Logging and Monitoring section for details about the vulnerability and the prevention techniques that should be followed by WSO2 engineers.