I don't think the OWASP Top 10 is especially good, and in general think it mostl... | Hacker News

Hacker News new | past | comments | ask | show | jobs | submit

login

tptacek on Feb 18, 2023 | parent | context | favorite | on: OWASP Needs to Evolve

I don't think the OWASP Top 10 is especially good, and in general think it mostly serves as a tool to raise the salience of application security, rather than as a guide to implementing it. It almost doesn't matter what the Top 10 is.

ghaff on Feb 18, 2023 [–]

Back when I was attending DevOps Days fairly regularly that's pretty consistent with how I saw the OWASP Top 10 being used--to highlight security in general as opposed to any specific categories.

Consider applying for YC's Spring batch! Applications are open till Feb 11.
Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact