After a nine month process, starting with a visit to a pho restaurant with Raoul Endres in Melbourne Australia, and ending with me working in a hotel room in Pennsylvania, USA, the Top 10 2007 is really done. It’s 35 pages packed to the rafters of good advice.
The document will be launched at OWASP EU this week. Look for it on our Wiki shortly in PDF, Word and Wiki format.
Whilst not quite a 1-1 mapping to MITRE data, this is a succinct update to the 2004 work, and I think a very worthy successor. Hopefully, it will not be three years between this release and the next.
Jeff Williams and Dave Wichers (my co-authors) have put in some excellent work on the back end, as well as being a devil’s advocate when it was necessary. Much thanks to Steve Christey of MITRE for his excellent careful line by line reviews, and indeed all our peer reviewers.
Feel free to download it and have a read. I welcome all comments.