CLOSE

Alok Sahay Country Manager India Saarc

Alok Sahay,
Sales Director, India
alok.sahay@holmsecurity.com
+91 8800-67 77 99

Welcome to India!

Hi! My name is Alok and I'm your local representative in India. Looking for a cyber security solution and vulnerability management? Let's talk! 

View products

Book demo

CLOSE

Faurani Ahmad Sales director Southeast Asia

Ahmad Faurani
Sales Director, Southeast Asia
ahmad.faurani@holmsecurity.com
+60 19 434 2727

Welcome to Malaysia!

Hi! My name is Ahmad Faurani and I'm your local representative in Malaysia. Looking for a cyber security solution and vulnerability management? Let's talk! 

View products

Book demo

CLOSE

cristian-miranda-holm-security

Cristian Miranda
Key Account Manager, Finland
cristian.miranda@holmsecurity.com
+46 8-550 05 582

Tervetuloa Suomeen!

Hei! Nimeni on Cristian Miranda ja olen paikallinen edustajasi Suomessa. Etsitkö tietoturvaratkaisua ja haavoittuvuuksien hallintaa? Puhutaan!

Lue lisää

Kirjaesittely

CLOSE

victor-bunge-meyer-holm-security

Victor Bunge Meyer
Key Account Manager, Sverige
victor.bunge-meyer@holmsecurity.com
+46 08-550 05 582

Holm Security i Sverige

Välkommen till Holm Security i Sverige! Jag heter Victor och är din lokala kontakt. Kontakta mig om du vill veta mera om vårt system eller sårbarhetsanalyser. 

Läs mer här

Boka demo

CLOSE

Beth Murrell holm security

Beth Murrell
Sales Development Representative, Benelux
elizabeth.murrell@holmsecurity.com
+31-20-238 63 94

Welkom in de Benelux!

Mijn naam is Beth Murrell en ik ben uw lokale vertegenwoordiger in Nederland, België en Luxemburg. Op zoek naar een cyberveiligheidsoplossing en kwetsbaarheidsbeheer? Laten we praten!

Lees verder

Boek een demo

CLOSE

jens dahlkvist holm security

Jens Dahlkvist
Key Account Manager, Norge
jens.dahlkvist@holmsecurity.com
+46 8-550 05 582

Holm Security i Norge

Velkommen til Holm Security i Sverige! Jeg heter Victor og er din lokale kontaktperson. Kontakt meg hvis du vil vite mer om systemet vårt eller sårbarhetsanalyser.

Les mer

Personlig demo

Compliance

OWASP top 10

The Open Web Application Security Project (OWASP) is a non-profit organization that was founded in 2001 and runs several different projects that promote security in applications. The organization is located all over the world and has over 30,000 members. 

The Open Web Application Security Project

One of OWASP's foremost projects is OWASP top 10. This list was published for the first time in 2003 and is updated regularly. The latest version was released in 2018 and is called OWASP top 10 version 2017. The goal of the list is to raise awareness of application security by highlighting some of the most critical risks in web applications that organizations face.

According to the top 10 list, organizations ensure good security by scanning web applications such as websites, intranets, extranets, portals, and other web-based services for vulnerabilities.

Reports

Create reports that demonstrate compliance with OWASP top 10 version 2017.

Secure web applications

Make sure no vulnerabilities exist in your web applications with our service Web Application Scanning. 

Assess

With our support, we will help you understand all of your vulnerability exposures.

OWASP top 10 categories

A1: Injection

Injection attacks happen when untrusted data is sent to a code interpreter through a form input or some other data submission to a web application.

A2: Broken Authentication

Vulnerabilities in authentication systems can give attackers access to accounts and even the ability to compromise an entire system using an admin account.

A3: Sensitive Data Exposure

Sensitive data exposure occurs when an application, company, or other entity inadvertently exposes personal data.

A4: XML External Entities (XXE)

An XML parser can be duped into sending data to an unauthorized external entity, which can pass sensitive data directly to an attacker.

A5: Broken Access Control

Broken access controls allow attackers to bypass authorization and perform tasks as though they were privileged users such as administrators.

A6: Security Misconfiguration

On this list, security misconfiguration is the most common vulnerability. Is often the result of using default configurations or displaying verbose errors.

A7: Cross-Site Scripting (XSS)

Cross-site scripting vulnerabilities occur when web applications allow users to add custom code into a URL path or onto a website that will be seen by other users.

A8: Insecure Deserialization

Insecure deserialization exploit is the result of deserializing data from untrusted sources and can result in serious consequences like DDoS attacks and remote code execution attacks.

A9: Using Components with Known Vulnerabilities

Attackers can find security holes in components that could leave hundreds of thousands of sites vulnerable to exploitation.

A10: Insufficient Logging and Monitoring

Many web applications are not taking enough steps to detect data breaches. OWASP recommends implementing logging and monitoring of applications.