Our great sponsors
-
InfluxDB
Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
I'm not sure you got my point. The CWEs are there, but they give no examples of those in the Description or bullet points or the How to Prevent bullet points. In other words, the description and how to prevent ignore the vast majority of CWEs they list under Cryptographic Failures. My proposed change to the standard is that they include those CWEs in the Description and Prevention section. That was the entire point of raising the issue that I linked to: https://github.com/OWASP/Top10/issues/540
NOTE:
The number of mentions on this list indicates mentions on common posts plus user suggested alternatives.
Hence, a higher number means a more popular project.