About the OWASP Top 10 Security Vulnerabilities for 2017

The Open Web Application Security Project (OWASP) publishes an annual list of the 10 most critical security vulnerabilities identified for the current year to educate developers on the security risks they most likely need to protect against. The OWASP top 10 vulnerability listing is technology agnostic and does not contain language or framework specific examples, explanations, hints, or tips.

This section discusses the practices and strategies used by Oracle Life Sciences IAMS API to mitigate risks posed by the security vulnerabilities documented in the OWASP Top 10 – 2017. Customers using Oracle Life Sciences IAMS APIs should be aware of and protect against these threats. The listed security threats are probably the most severe threats and application developers have to be aware of and protect against these threats.

Addressing these ten security vulnerabilities doesn't provide for total security, but it is a good starting point in preventing the current major security threats. This document explains how the Oracle Life Sciences IAMS Inbound User Provisioning Service API addresses these potential security risks and how API developers should address these security vulnerabilities and risks when using the API.

General descriptions of the top 10 security risks identified by OWASP for 2017 are available at: https://owasp.org/www-project-top-ten/OWASP_Top_Ten_2017/Top_10-2017_Top_10.html.

You can get an overview of the security risk for an application at: https://owasp.org/www-project-top-ten/OWASP_Top_Ten_2017/Top_10-2017_Application_Security_Risks.html