{ "id": "8f72f078-d7c7-47dd-8491-371bb6b75ee5", "created_at": "2026-04-06T00:21:30.218526Z", "updated_at": "2026-04-10T03:20:24.678061Z", "deleted_at": null, "sha1_hash": "c40cce5ba2e46a91cc635b92a676bb41bd688227", "title": "OWASP Top Ten 2017 | Table of Contents | OWASP Foundation", "llm_title": "", "authors": "", "file_creation_date": "0001-01-01T00:00:00Z", "file_modification_date": "0001-01-01T00:00:00Z", "file_size": 48292, "plain_text": "OWASP Top Ten 2017 | Table of Contents | OWASP Foundation\r\nArchived: 2026-04-05 13:18:20 UTC\r\nOWASP Top Ten 2017\r\nTable of Contents\r\n• Table of Contents\r\n• Foreword\r\n• Introduction\r\n• Release Notes\r\n• Application Security\r\nRisks\r\n• 2017 Top 10\r\n• A1:2017-Injection\r\n• A2:2017-Broken\r\nAuthentication\r\n• A3:2017-Sensitive Data\r\nExposure\r\n• A4:2017-XML External\r\nEntities (XXE)\r\n• A5:2017-Broken Access\r\nControl\r\n• A6:2017-Security\r\nMisconfiguration\r\n• A7:2017-Cross-Site\r\nScripting (XSS)\r\n• A8:2017-Insecure\r\nDeserialization\r\n• A9:2017-Using\r\nComponents with Known\r\nVulnerabilities\r\n• A10:2017-Insufficient\r\nLogging \u0026 Monitoring\r\n• What's Next for\r\nDevelopers\r\n• What's Next for Security\r\nTesters\r\n• What's Next for\r\nOrganizations\r\nAbout OWASP\r\nThe Open Web Application Security Project (OWASP) is an open community\r\ndedicated to enabling organizations to develop, purchase, and maintain\r\napplications and APIs that can be trusted.\r\nAt OWASP, you’ll find free and open:\r\n* Application security tools and standards.\r\n* Complete books on application security testing, secure code development,\r\nand secure code review.\r\n* Presentations and videos.\r\n* Cheat sheets on many common topics.\r\n* Standard security controls and libraries.\r\n* Local chapters worldwide.\r\n* Cutting edge research.\r\n* Extensive conferences worldwide.\r\n* Mailing lists.\r\nLearn more at: https://owasp.org.\r\nAll OWASP tools, documents, videos, presentations, and chapters are free and\r\nopen to anyone interested in improving application security.\r\nWe advocate approaching application security as a people, process, and\r\ntechnology problem, because the most effective approaches to application\r\nsecurity require improvements in these areas.\r\nOWASP is a new kind of organization. Our freedom from commercial\r\npressures allows us to provide unbiased, practical, and cost-effective\r\ninformation about application security.\r\nOWASP is not affiliated with any technology company, although we support\r\nthe informed use of commercial security technology. OWASP produces many\r\ntypes of materials in a collaborative, transparent, and open way.\r\nThe OWASP Foundation is the non-profit entity that ensures the project’s\r\nlong-term success. Almost everyone associated with OWASP is a volunteer,\r\nhttps://owasp.org/www-project-top-ten/OWASP_Top_Ten_2017/\r\nPage 1 of 2\n\n• What's Next for\r\nApplication Managers\r\n• Note About Risks\r\n• Details About Risk\r\nFactors\r\n• Top 10-2017\r\nMethodology and Data\r\n• Top 10-2017\r\nAcknowledgements\r\nProject Page: OWASP Top\r\nTen Project\r\nincluding the OWASP board, chapter leaders, project leaders, and project\r\nmembers. We support innovative security research with grants and\r\ninfrastructure.\r\nCome join us!\r\nSource: https://owasp.org/www-project-top-ten/OWASP_Top_Ten_2017/\r\nhttps://owasp.org/www-project-top-ten/OWASP_Top_Ten_2017/\r\nPage 2 of 2", "extraction_quality": 1, "language": "EN", "sources": [ "MITRE" ], "references": [ "https://owasp.org/www-project-top-ten/OWASP_Top_Ten_2017/" ], "report_names": [ "OWASP_Top_Ten_2017" ], "threat_actors": [], "ts_created_at": 1775434890, "ts_updated_at": 1775791224, "ts_creation_date": 0, "ts_modification_date": 0, "files": { "pdf": "https://archive.orkl.eu/c40cce5ba2e46a91cc635b92a676bb41bd688227.pdf", "text": "https://archive.orkl.eu/c40cce5ba2e46a91cc635b92a676bb41bd688227.txt", "img": "https://archive.orkl.eu/c40cce5ba2e46a91cc635b92a676bb41bd688227.jpg" } }