Commentary OWASP Top Ten 2004 Project
"With new vulnerabilities announced almost weekly, many businesses may feel overwhelmed trying to keep current. But there is help in the form of consensus lists of vulnerabilities and defenses. The Open Web Application Security Project has produced a similar list of the 10 most critical Web application and databases security vulnerabilities and the most effective ways to address them. Application vulnerabilities are often neglected, but they are as important to deal with as network issues. If every company eliminated these common vulnerabilities, their work wouldn't be done, but they, and the Internet, would be significantly safer."
- J. Howard Beales, III, Director of the Federal Trade Commission's Bureau of Consumer Protection, before the Information Technology Association of America's Internet Policy Committee, Friday, December 12, 2003