OWASP Top 10: What's C Got To Do With It?
Security Boulevard, Wednesday, January 15th, 2025
What do the OWASP Top Ten web application vulnerabilities have to do with C languages? And where do those vulnerabilities coincide with Software Bills of Materials (SBOMs)?
As the Top Ten core team begins analyzing the 2025 data, we pose these questions to Brian Glas, one of four Top Ten core team members responsible for the report. He's personally been on the team for the 2017 and 2021 lists and, soon, the 2025 Top Ten list. Brian is also a core team member for the OWASP Software Assurance and Maturity Model (SAMM), a community-led open-source framework to improve security across the SDLC. In his day job, he chairs the Department of Computer Science at Union University, based in Jackson, Tennessee, where he's also an assistant professor.