{"id":833,"date":"2009-03-28T19:41:56","date_gmt":"2009-03-29T00:41:56","guid":{"rendered":"http:\/\/www.coresecuritypatterns.com\/blogs\/?p=833"},"modified":"2009-03-28T19:41:56","modified_gmt":"2009-03-29T00:41:56","slug":"top-web-20-security-threats","status":"publish","type":"post","link":"https:\/\/websecuritypatterns.com\/blogs\/2009\/03\/28\/top-web-20-security-threats\/","title":{"rendered":"Top Web 2.0 Security Threats !"},"content":{"rendered":"<p><img loading=\"lazy\" decoding=\"async\" class=\"alignleft\" src=\"http:\/\/secure-enterprise20.org\/files\/interlaced_logo.png\" alt=\"\" width=\"125\" height=\"50\" \/> Web 2.0 is not my forte, but I am not ignorant of its overwhelming adoption and popularity!\u00a0 In my understanding, Web 2.0 is another Web-based application paradigm that enables delivering user-generated content via aggregation, participation and collaboration on the Internet using Web-based protocols.\u00a0 No doubt, every day a new breed of Web 2.0 application is finding its place in the IT industry, and it changes the existing Web-based applications\u00a0 through convergence of consumer and enterprise collaboration.\u00a0 Although it is amazing to see the compelling changes brought by Web 2.0, these improvements are mostly accompanied by a newer set of security threats and vulnerabilities, partially due to the known complexities of the underlying architecture and design choices ignorant of the critical real-world security requirements.<\/p>\n<h3><\/h3>\n<p>Recently, Secure Enterprise 2.0 published the\u00a0 <a href=\"http:\/\/www.secure-enterprise20.org\/files\/Top%20Web%202%200%20Security%20Threats.pdf\" target=\"_blank\">2009 Industry Report on Top Web 2.0 Security Threats<\/a>, which highlights the most common security vulnerabilities associated with Web 2.0 applications. 
At first look, I am a bit puzzled by the long list of security threats identifying the known exploit scenarios and security incidents from the most popular Web 2.0 sites such as Facebook, MySpace, Craigslist, Yahoo HotJobs, Twitter, My.BarackObama.Com, Wikipedia and so on.\u00a0 I am not surprised by the list; whoever coined the term Web 2.0 might&#8217;ve forgotten or decided to have Web 2.0&#8217;s security as an afterthought!<\/p>\n<h3><\/h3>\n<p>Looks like Web 2.0 is another goldmine for security enthusiasts \ud83d\ude42\u00a0 ! Go ahead and read the report for yourself. The report <a href=\"http:\/\/www.secure-enterprise20.org\/files\/Top%20Web%202%200%20Security%20Threats.pdf\" target=\"_blank\">is right here<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Web 2.0 is not my forte, but I am not ignorant of its overwhelming adoption and popularity!\u00a0 In my understanding, Web 2.0 is another Web-based application paradigm that enables delivering user-generated content via aggregation, participation and collaboration on the Internet using Web-based protocols.\u00a0 No doubt, every day a new breed of Web 2.0 application is finding its&#8230; <a href=\"https:\/\/websecuritypatterns.com\/blogs\/2009\/03\/28\/top-web-20-security-threats\/\">Read more 
&raquo;<\/a><\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[6,9],"tags":[36,62,73,76],"class_list":["post-833","post","type-post","status-publish","format-standard","hentry","category-main","category-security","tag-inputvalidation","tag-security","tag-web2-0","tag-xss"],"jetpack_sharing_enabled":true,"jetpack_featured_media_url":"","_links":{"self":[{"href":"https:\/\/websecuritypatterns.com\/blogs\/wp-json\/wp\/v2\/posts\/833","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/websecuritypatterns.com\/blogs\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/websecuritypatterns.com\/blogs\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/websecuritypatterns.com\/blogs\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/websecuritypatterns.com\/blogs\/wp-json\/wp\/v2\/comments?post=833"}],"version-history":[{"count":0,"href":"https:\/\/websecuritypatterns.com\/blogs\/wp-json\/wp\/v2\/posts\/833\/revisions"}],"wp:attachment":[{"href":"https:\/\/websecuritypatterns.com\/blogs\/wp-json\/wp\/v2\/media?parent=833"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/websecuritypatterns.com\/blogs\/wp-json\/wp\/v2\/categories?post=833"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/websecuritypatterns.com\/blogs\/wp-json\/wp\/v2\/tags?post=833"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}