4 posts tagged with "owasp"Gone on too long, P-8 Missing or Insufficient Session Expirationposted on July 12, 2022 | tags: [ owasp, privacy ]From OWASP on P-8: Failure to effectively enforce session termination. May result in collection of additional user-data without the user’s consent or awareness.Cyber Security Month Presentation - DAMA Philadelphiaposted on October 27, 2021 | tags: [ owasp, privacy, dama ]I presented the OWASP Top 10 Privacy Risks project to DAMA Philadelphia for their Cyber Security Month event.Why do we need all of this data? OWASP Privacy Risks - P-10posted on October 20, 2021 | tags: [ owasp, privacy ]P-10 Collection of data not required for the user-consented purpose and the "Lean Data Commitment".Empower our users, they own their data. OWASP Privacy Risks - P-9posted on October 20, 2021 | tags: [ owasp, privacy ]P-9 "Inability of users to access and modify data" identifies data lockin by organizations as a privacy risk.
