--
You received this message because you are subscribed to the Google Groups "OWASP Mobile Top 10 Risks" group.
To unsubscribe from this group and stop receiving emails from it, send an email to owasp-mobile-top-1...@owasp.org.
For more options, visit https://groups.google.com/a/owasp.org/d/optout.
Column1 | Bugcrowd | Cigital | Denim | HackLabs | Pure Hacking | White Hat | Totals | Bugcrowd Pct | Cigital Pct | Denim Pct | HackLab Pct | Pure Hacking Pct | White Hat Pct | Totals2 |
M4: Unintended Data Leakage | 49 | 14 | 166 | 8 | 5 | 282 | 524 | 23.56% | 6.28% | 44.03% | 34.78% | 23.81% | 30.10% | 29.29% |
M2: Insecure Data Storage | 35 | 77 | 90 | 3 | 3 | 102 | 310 | 16.83% | 34.53% | 23.87% | 13.04% | 14.29% | 10.89% | 17.33% |
Other | 9 | 21 | 74 | 0 | 0 | 147 | 251 | 4.33% | 9.42% | 19.63% | 0.00% | 0.00% | 15.69% | 14.03% |
M3: Insufficient Transport Layer Protection | 26 | 20 | 1 | 5 | 6 | 89 | 147 | 12.50% | 8.97% | 0.27% | 21.74% | 28.57% | 9.50% | 8.22% |
M10: Lack of Binary Protections | 35 | 17 | 0 | 1 | 2 | 92 | 147 | 16.83% | 7.62% | 0.00% | 4.35% | 9.52% | 9.82% | 8.22% |
M5: Poor Authorization and Authentication | 29 | 33 | 18 | 0 | 0 | 55 | 135 | 13.94% | 14.80% | 4.77% | 0.00% | 0.00% | 5.87% | 7.55% |
M1: Weak Server Side Controls | 2 | 0 | 7 | 6 | 2 | 96 | 113 | 0.96% | 0.00% | 1.86% | 26.09% | 9.52% | 10.25% | 6.32% |
M6: Broken Cryptography | 7 | 32 | 0 | 0 | 0 | 37 | 76 | 3.37% | 14.35% | 0.00% | 0.00% | 0.00% | 3.95% | 4.25% |
M9: Improper Session Handling | 0 | 1 | 19 | 0 | 3 | 35 | 58 | 0.00% | 0.45% | 5.04% | 0.00% | 14.29% | 3.74% | 3.24% |
M7: Client Side Injection | 11 | 6 | 2 | 0 | 0 | 0 | 19 | 5.29% | 2.69% | 0.53% | 0.00% | 0.00% | 0.00% | 1.06% |
M8: Security Decisions Via Untrusted Inputs | 5 | 2 | 0 | 0 | 0 | 2 | 9 | 2.40% | 0.90% | 0.00% | 0.00% | 0.00% | 0.21% | 0.50% |
Total | 208 | 223 | 377 | 23 | 21 | 937 | 1789 |
--
@Jonathan, if any of Paco's options are found fit for the Top Ten, then i see no reason why they are not includes on the list. Lets analyse all data sets and decides what to include on the Top ten and others we can have them on the 11-20th oist
@Jonathan, if any of Paco's options are found fit for the Top Ten, then i see no reason why they are not includes on the list. Lets analyse all data sets and decides what to include on the Top ten and others we can have them on the 11-20th oist
--