4 posts tagged with "privacy"
Gone on too long, P-8 Missing or Insufficient Session Expiration

From OWASP on P-8: Failure to effectively enforce session termination. May result in collection of additional user-data without the user’s consent or awareness.
Cyber Security Month Presentation - DAMA Philadelphia

I presented the OWASP Top 10 Privacy Risks project to DAMA Philadelphia for their Cyber Security Month event.
Empower our users, they own their data. OWASP Privacy Risks - P-9

P-9 "Inability of users to access and modify data" identifies data lockin by organizations as a privacy risk.
Why do we need all of this data? OWASP Privacy Risks - P-10

P-10 Collection of data not required for the user-consented purpose and the "Lean Data Commitment".