Understanding & Addressing OWASP's Newest Top Ten Threat: Using Components with Known Vulnerabilities

Aug 10, 2014

Download Many organizations turn to the Open Web Application Security Project (OWASP) to help ensure that their code and applications are secure. Recently OWASP's Top Ten list of application security risks was updated to include "A9: Using components with known vulnerabilities." This means organizations need to expand their security approach to accommodate components - which are reusable blocks of code that are assembled together to create an application. These re-usable components now comprise 90% of an average application thus exposing organizations to potential security, license and quality risks. This paper explains this new threat with practical ideas for reducing avoidable open source risk.