Analysis Of The Web Hacking Incident Database

In the OWASP USA AppSec in New York in 2008, I presented an analysis of the Web Hacking Incidents Database project, which I founded and led at the time, trying to assess based on it what are the real application security risks an organization faces focusing on comparison to the picture portrayed by the OWASP top 10.

You can watch the video below or read the slides here.