The Open Web Application Security Project (OWASP) is an international non-profit community focused on practical information about web application security. The OWASP Top 10 lists the ten most critical security risks that occur frequently in web applications. It is referenced by many standards, books, tools, and organizations, including MITRE, PCI DSS, DISA, and the FTC.
RIPS supports the detection of all OWASP Top 10 risks that can be detected by static analysis software, helps you quickly locate them in your application, and provides detailed information on how to fix them.
| ID | Risk |
|---|---|
| A2 | Broken Authentication and Session Management |
| A3 | Cross-Site Scripting (XSS) |
| A4 | Insecure Direct Object References |
| A6 | Sensitive Data Exposure |
| A7 | Missing Function Level Access Control |
| A8 | Cross-Site Request Forgery |
| A9 | Using Components with Known Vulnerabilities |
| A10 | Unvalidated Redirects and Forwards |