April 29, 2010

WASC WSTCv2 Mapping Proposal

While completing vulnerability statistics about Russian web applications in 2009 (it's issued date is too late this year) [1,2,3 in Russian], I suddenly realize that there's no comparison between WASC WSTCv2 and SANS/CWE Top 25 2010 vulnerability titles. As there's No such comparison on the official resource [4], I suggest my own version.